Action not permitted
Modal body text goes here.
cve-2017-10293
Vulnerability from cvelistv5
Published
2017-10-19 17:00
Modified
2024-10-04 16:54
Severity ?
EPSS score ?
Summary
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert_us@oracle.com | http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | Patch, Vendor Advisory | |
| secalert_us@oracle.com | http://www.securityfocus.com/bid/101338 | Broken Link | |
| secalert_us@oracle.com | http://www.securitytracker.com/id/1039596 | Broken Link | |
| secalert_us@oracle.com | https://access.redhat.com/errata/RHSA-2017:2999 | Third Party Advisory | |
| secalert_us@oracle.com | https://access.redhat.com/errata/RHSA-2017:3046 | Third Party Advisory | |
| secalert_us@oracle.com | https://access.redhat.com/errata/RHSA-2017:3047 | Third Party Advisory | |
| secalert_us@oracle.com | https://security.gentoo.org/glsa/201710-31 | Third Party Advisory | |
| secalert_us@oracle.com | https://security.netapp.com/advisory/ntap-20171019-0001/ | Third Party Advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Oracle Corporation | Java |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:33:17.017Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "1039596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "101338",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101338"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10293",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:45:35.807984Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T16:54:48.511Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u161"
},
{
"status": "affected",
"version": "7u151"
},
{
"status": "affected",
"version": "8u144"
},
{
"status": "affected",
"version": "9"
}
]
}
],
"datePublic": "2017-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-14T10:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "1039596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "101338",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101338"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10293",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u161"
},
{
"version_affected": "=",
"version_value": "7u151"
},
{
"version_affected": "=",
"version_value": "8u144"
},
{
"version_affected": "=",
"version_value": "9"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:3047",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "1039596",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "101338",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101338"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171019-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:2999",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10293",
"datePublished": "2017-10-19T17:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T16:54:48.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-10293\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2017-10-19T17:29:02.343\",\"lastModified\":\"2022-08-12T18:04:55.040\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en el componente Java SE de Oracle Java SE (subcomponente: Javadoc). Las versiones compatibles que se han visto afectadas son Java SE: 6u161, 7u151, 8u144 y 9. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por HTTP comprometa la seguridad de Java SE. Para que los ataques tengan \u00e9xito, se necesita la participaci\u00f3n de otra persona diferente del atacante y, aunque la vulnerabilidad est\u00e1 presente en Java SE, los ataques podr\u00edan afectar seriamente a productos adicionales. Los ataques exitosos a esta vulnerabilidad pueden resultar en el acceso no autorizado de actualizaci\u00f3n, inserci\u00f3n o supresi\u00f3n de algunos de los datos accesibles de Java SE, as\u00ed como el acceso de lectura sin autorizaci\u00f3n a un subconjunto de datos accesibles de Java SE. Nota: Esta vulnerabilidad se aplica a implementaciones Java, normalmente en clientes que ejecutan aplicaciones Java Web Start en sandbox o applets Java en sandbox que cargan y ejecutan c\u00f3digo que no es de confianza (por ejemplo, c\u00f3digo proveniente de internet) y que conf\u00edan en la sandbox de aislado Java para protegerse. Esta vulnerabilidad no se aplica a implementaciones Java, normalmente en servidores, que solo cargan y ejecutan c\u00f3digo de confianza (por ejemplo, c\u00f3digo instalado por un administrador). CVSS 3.0 Base Score 6.1 (impactos en la confidencialidad e integridad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.8},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*\",\"matchCriteriaId\":\"7037AEF9-403D-43EC-ABBB-B46619241586\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*\",\"matchCriteriaId\":\"B781F1F7-DE18-41F7-83C1-8690B0884DDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D36F2A6-1329-4D74-BADC-C22D46CF7CFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"270968EC-7662-41E1-BA9B-D259BEC53A1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*\",\"matchCriteriaId\":\"D53D6C3C-C8F3-4FF4-AE9C-1BFF14E74EDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*\",\"matchCriteriaId\":\"71219100-B476-4062-A40A-13F1B8C7DAED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCC055BA-0D21-4D2B-AC9B-B81B8468860C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66910F84-DDFD-4BA8-BE7F-44EB5E3F9C3D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*\",\"versionStartIncluding\":\"7.3\",\"matchCriteriaId\":\"BD075607-09B7-493E-8611-66D041FFDA62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*\",\"versionStartIncluding\":\"9.5\",\"matchCriteriaId\":\"0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C2089EE-5D7F-47EC-8EA5-0F69790564C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*\",\"matchCriteriaId\":\"280520BC-070C-4423-A633-E6FE45E53D57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndIncluding\":\"11.70.1\",\"matchCriteriaId\":\"73F81EC3-4AB0-4CD7-B845-267C5974DE98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D9CC59D-6182-4B5E-96B5-226FCD343916\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*\",\"matchCriteriaId\":\"1AEFF829-A8F2-4041-8DDF-E705DB3ADED2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85DF4B3F-4BBC-42B7-B729-096934523D63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"698C6261-679D-45C1-A396-57AC96AD64D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BD81527-A341-42C3-9AB9-880D3DB04B08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*\",\"versionEndIncluding\":\"7.1\",\"matchCriteriaId\":\"E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*\",\"versionEndIncluding\":\"7.1\",\"matchCriteriaId\":\"1A79A7B7-2CE9-4F5E-B76D-01A882C66226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*\",\"matchCriteriaId\":\"3FA5E22C-489B-4C5F-A5F3-C03F45CA8811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFE0A9D2-9A49-4BF6-BC6F-8249162D8334\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*\",\"matchCriteriaId\":\"26A2B713-7D6D-420A-93A4-E0D983C983DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*\",\"matchCriteriaId\":\"64DE38C8-94F1-4860-B045-F33928F676A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E94F7F59-1785-493F-91A7-5F5EA5E87E4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*\",\"versionStartIncluding\":\"7.2\",\"matchCriteriaId\":\"6BF60DAD-DAA2-4543-B82E-8E17F7B1DA06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*\",\"versionStartIncluding\":\"7.2\",\"matchCriteriaId\":\"1E35D95E-CCBF-4335-A4DB-02218BA172DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2\",\"matchCriteriaId\":\"13270F58-E106-48CE-9933-E68AABBBFC21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"923F6B82-6A8B-4994-89F6-C430775D5234\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*\",\"versionStartIncluding\":\"7.2\",\"matchCriteriaId\":\"B7B42CB6-3C14-4183-AFA8-C3682F8B54AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"2AA40F7F-504D-47A9-9778-EC4CE46EB8BF\"}]}]}],\"references\":[{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/101338\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securitytracker.com/id/1039596\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2999\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3046\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3047\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201710-31\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20171019-0001/\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
gsd-2017-10293
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-10293",
"description": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"id": "GSD-2017-10293",
"references": [
"https://www.suse.com/security/cve/CVE-2017-10293.html",
"https://access.redhat.com/errata/RHSA-2017:3047",
"https://access.redhat.com/errata/RHSA-2017:3046",
"https://access.redhat.com/errata/RHSA-2017:2999"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-10293"
],
"details": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"id": "GSD-2017-10293",
"modified": "2023-12-13T01:21:15.053195Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10293",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u161"
},
{
"version_affected": "=",
"version_value": "7u151"
},
{
"version_affected": "=",
"version_value": "8u144"
},
{
"version_affected": "=",
"version_value": "9"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:3047",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "1039596",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "101338",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101338"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171019-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:2999",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"cpe_name": [],
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"cpe_name": [],
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"cpe_name": [],
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*",
"cpe_name": [],
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10293"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "1039596",
"refsource": "SECTRACK",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "101338",
"refsource": "BID",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/101338"
},
{
"name": "GLSA-201710-31",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171019-0001/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:3047",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "RHSA-2017:3046",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "RHSA-2017:2999",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
},
"lastModifiedDate": "2022-08-12T18:04Z",
"publishedDate": "2017-10-19T17:29Z"
}
}
}
rhsa-2017_3047
Vulnerability from csaf_redhat
Published
2017-10-24 12:09
Modified
2024-11-14 21:45
Summary
Red Hat Security Advisory: java-1.6.0-sun security update
Notes
Topic
An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
This update upgrades Oracle Java SE 6 to version 6 Update 171.
Security Fix(es):
* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)
Note: Starting with this update, Java web browser plugin and Java Web Start application are no longer included with Oracle Java SE 6. Refer to the Releases Notes and the Oracle Java SE Support Roadmap pages linked to in the References section for further information about this change.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 6 to version 6 Update 171.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)\n\nNote: Starting with this update, Java web browser plugin and Java Web Start application are no longer included with Oracle Java SE 6. Refer to the Releases Notes and the Oracle Java SE Support Roadmap pages linked to in the References section for further information about this change.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3047",
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html#R160_171",
"url": "http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html#R160_171"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/java/javase/eol-135779.html",
"url": "http://www.oracle.com/technetwork/java/javase/eol-135779.html"
},
{
"category": "external",
"summary": "1402345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
},
{
"category": "external",
"summary": "1402346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402346"
},
{
"category": "external",
"summary": "1402348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402348"
},
{
"category": "external",
"summary": "1402351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351"
},
{
"category": "external",
"summary": "1501868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868"
},
{
"category": "external",
"summary": "1501873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873"
},
{
"category": "external",
"summary": "1502038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038"
},
{
"category": "external",
"summary": "1502053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502053"
},
{
"category": "external",
"summary": "1502611",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611"
},
{
"category": "external",
"summary": "1502614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614"
},
{
"category": "external",
"summary": "1502629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629"
},
{
"category": "external",
"summary": "1502632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632"
},
{
"category": "external",
"summary": "1502649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649"
},
{
"category": "external",
"summary": "1502687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687"
},
{
"category": "external",
"summary": "1502858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858"
},
{
"category": "external",
"summary": "1502869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869"
},
{
"category": "external",
"summary": "1503169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169"
},
{
"category": "external",
"summary": "1503320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503320"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3047.json"
}
],
"title": "Red Hat Security Advisory: java-1.6.0-sun security update",
"tracking": {
"current_release_date": "2024-11-14T21:45:47+00:00",
"generator": {
"date": "2024-11-14T21:45:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:3047",
"initial_release_date": "2017-10-24T12:09:09+00:00",
"revision_history": [
{
"date": "2017-10-24T12:09:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-14T15:18:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T21:45:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
}
],
"category": "product_family",
"name": "Oracle Java for Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.171-1jpp.4.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.171-1jpp.4.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.171-1jpp.4.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.171-1jpp.4.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"product_id": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.171-1jpp.4.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"product_id": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.171-1jpp.4.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.171-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.171-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.171-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.171-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"product_id": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.171-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"product_id": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.171-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.171-1jpp.4.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"product_id": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.171-1jpp.4.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.171-1jpp.4.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.171-1jpp.4.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.171-1jpp.4.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"product_id": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.171-1jpp.4.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.171-1jpp.4.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"product_id": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.171-1jpp.4.el7?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9840",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402345"
}
],
"notes": [
{
"category": "description",
"text": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Out-of-bounds pointer arithmetic in inftrees.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9840"
},
{
"category": "external",
"summary": "RHBZ#1402345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9840"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Out-of-bounds pointer arithmetic in inftrees.c"
},
{
"cve": "CVE-2016-9841",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402346"
}
],
"notes": [
{
"category": "description",
"text": "inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Out-of-bounds pointer arithmetic in inffast.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9841"
},
{
"category": "external",
"summary": "RHBZ#1402346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402346"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9841"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Out-of-bounds pointer arithmetic in inffast.c"
},
{
"cve": "CVE-2016-9842",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402348"
}
],
"notes": [
{
"category": "description",
"text": "The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Undefined left shift of negative number",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9842"
},
{
"category": "external",
"summary": "RHBZ#1402348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402348"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9842",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9842"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9842",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9842"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Undefined left shift of negative number"
},
{
"cve": "CVE-2016-9843",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402351"
}
],
"notes": [
{
"category": "description",
"text": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Big-endian out-of-bounds pointer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9843"
},
{
"category": "external",
"summary": "RHBZ#1402351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9843",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9843"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9843",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9843"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Big-endian out-of-bounds pointer"
},
{
"cve": "CVE-2017-10274",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502053"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data as well as unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: CardImpl incorrect state handling (Smart Card IO, 8169026)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10274"
},
{
"category": "external",
"summary": "RHBZ#1502053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502053"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10274",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10274"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: CardImpl incorrect state handling (Smart Card IO, 8169026)"
},
{
"cve": "CVE-2017-10281",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502649"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10281"
},
{
"category": "external",
"summary": "RHBZ#1502649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10281",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)"
},
{
"cve": "CVE-2017-10285",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1501868"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10285"
},
{
"category": "external",
"summary": "RHBZ#1501868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10285",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)"
},
{
"cve": "CVE-2017-10293",
"discovery_date": "2017-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1503320"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10293"
},
{
"category": "external",
"summary": "RHBZ#1503320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503320"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10293",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10293"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)"
},
{
"cve": "CVE-2017-10295",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502687"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10295"
},
{
"category": "external",
"summary": "RHBZ#1502687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10295"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)"
},
{
"cve": "CVE-2017-10345",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502858"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10345"
},
{
"category": "external",
"summary": "RHBZ#1502858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10345"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)"
},
{
"cve": "CVE-2017-10346",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1501873"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10346"
},
{
"category": "external",
"summary": "RHBZ#1501873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10346",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10346"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)"
},
{
"cve": "CVE-2017-10347",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502632"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10347"
},
{
"category": "external",
"summary": "RHBZ#1502632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10347",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10347"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)"
},
{
"cve": "CVE-2017-10348",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502629"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10348"
},
{
"category": "external",
"summary": "RHBZ#1502629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10348",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)"
},
{
"cve": "CVE-2017-10349",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502611"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10349"
},
{
"category": "external",
"summary": "RHBZ#1502611",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10349",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10349"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)"
},
{
"cve": "CVE-2017-10355",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502869"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10355"
},
{
"category": "external",
"summary": "RHBZ#1502869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10355",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)"
},
{
"cve": "CVE-2017-10356",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1503169"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10356"
},
{
"category": "external",
"summary": "RHBZ#1503169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10356",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)"
},
{
"cve": "CVE-2017-10357",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502614"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10357"
},
{
"category": "external",
"summary": "RHBZ#1502614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10357",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10357"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)"
},
{
"cve": "CVE-2017-10388",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502038"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10388"
},
{
"category": "external",
"summary": "RHBZ#1502038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10388",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10388"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:09:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)"
}
]
}
rhsa-2017_2999
Vulnerability from csaf_redhat
Published
2017-10-23 07:44
Modified
2024-11-14 21:45
Summary
Red Hat Security Advisory: java-1.8.0-oracle security update
Notes
Topic
An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
This update upgrades Oracle Java SE 8 to version 8 Update 151.
Security Fix(es):
* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2016-10165, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 8 to version 8 Update 151.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2016-10165, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2999",
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/java/javase/8u151-relnotes-3850493.html",
"url": "http://www.oracle.com/technetwork/java/javase/8u151-relnotes-3850493.html"
},
{
"category": "external",
"summary": "1367357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357"
},
{
"category": "external",
"summary": "1402345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
},
{
"category": "external",
"summary": "1402346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402346"
},
{
"category": "external",
"summary": "1402348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402348"
},
{
"category": "external",
"summary": "1402351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351"
},
{
"category": "external",
"summary": "1501868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868"
},
{
"category": "external",
"summary": "1501873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873"
},
{
"category": "external",
"summary": "1502038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038"
},
{
"category": "external",
"summary": "1502053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502053"
},
{
"category": "external",
"summary": "1502611",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611"
},
{
"category": "external",
"summary": "1502614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614"
},
{
"category": "external",
"summary": "1502629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629"
},
{
"category": "external",
"summary": "1502632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632"
},
{
"category": "external",
"summary": "1502640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640"
},
{
"category": "external",
"summary": "1502649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649"
},
{
"category": "external",
"summary": "1502687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687"
},
{
"category": "external",
"summary": "1502858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858"
},
{
"category": "external",
"summary": "1502869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869"
},
{
"category": "external",
"summary": "1503169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169"
},
{
"category": "external",
"summary": "1503319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503319"
},
{
"category": "external",
"summary": "1503320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503320"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2999.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-oracle security update",
"tracking": {
"current_release_date": "2024-11-14T21:45:35+00:00",
"generator": {
"date": "2024-11-14T21:45:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:2999",
"initial_release_date": "2017-10-23T07:44:37+00:00",
"revision_history": [
{
"date": "2017-10-23T07:44:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-14T15:18:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T21:45:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
}
],
"category": "product_family",
"name": "Oracle Java for Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"product_id": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.151-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"product_id": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.151-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"product_id": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.151-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.151-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"product_id": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.151-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"product_id": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.151-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"product": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"product_id": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.151-1jpp.5.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"product": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"product_id": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.151-1jpp.5.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"product": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"product_id": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.151-1jpp.5.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"product": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"product_id": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.151-1jpp.5.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"product": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.151-1jpp.5.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"product": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"product_id": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.151-1jpp.5.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"product": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"product_id": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.151-1jpp.1.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"product": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"product_id": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.151-1jpp.1.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"product": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"product_id": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.151-1jpp.1.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"product": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.151-1jpp.1.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"product": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"product_id": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.151-1jpp.1.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"product": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"product_id": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.151-1jpp.1.el6?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9840",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402345"
}
],
"notes": [
{
"category": "description",
"text": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Out-of-bounds pointer arithmetic in inftrees.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9840"
},
{
"category": "external",
"summary": "RHBZ#1402345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9840"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Out-of-bounds pointer arithmetic in inftrees.c"
},
{
"cve": "CVE-2016-9841",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402346"
}
],
"notes": [
{
"category": "description",
"text": "inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Out-of-bounds pointer arithmetic in inffast.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9841"
},
{
"category": "external",
"summary": "RHBZ#1402346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402346"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9841"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Out-of-bounds pointer arithmetic in inffast.c"
},
{
"cve": "CVE-2016-9842",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402348"
}
],
"notes": [
{
"category": "description",
"text": "The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Undefined left shift of negative number",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9842"
},
{
"category": "external",
"summary": "RHBZ#1402348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402348"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9842",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9842"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9842",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9842"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Undefined left shift of negative number"
},
{
"cve": "CVE-2016-9843",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402351"
}
],
"notes": [
{
"category": "description",
"text": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Big-endian out-of-bounds pointer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9843"
},
{
"category": "external",
"summary": "RHBZ#1402351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9843",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9843"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9843",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9843"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Big-endian out-of-bounds pointer"
},
{
"cve": "CVE-2016-10165",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2016-08-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1367357"
}
],
"notes": [
{
"category": "description",
"text": "The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lcms2: Out-of-bounds read in Type_MLU_Read()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10165"
},
{
"category": "external",
"summary": "RHBZ#1367357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10165",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10165"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165"
}
],
"release_date": "2016-08-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "lcms2: Out-of-bounds read in Type_MLU_Read()"
},
{
"cve": "CVE-2017-10274",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502053"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data as well as unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: CardImpl incorrect state handling (Smart Card IO, 8169026)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10274"
},
{
"category": "external",
"summary": "RHBZ#1502053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502053"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10274",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10274"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: CardImpl incorrect state handling (Smart Card IO, 8169026)"
},
{
"cve": "CVE-2017-10281",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502649"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10281"
},
{
"category": "external",
"summary": "RHBZ#1502649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10281",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)"
},
{
"cve": "CVE-2017-10285",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1501868"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10285"
},
{
"category": "external",
"summary": "RHBZ#1501868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10285",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)"
},
{
"cve": "CVE-2017-10293",
"discovery_date": "2017-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1503320"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10293"
},
{
"category": "external",
"summary": "RHBZ#1503320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503320"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10293",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10293"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)"
},
{
"cve": "CVE-2017-10295",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502687"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10295"
},
{
"category": "external",
"summary": "RHBZ#1502687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10295"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)"
},
{
"cve": "CVE-2017-10309",
"discovery_date": "2017-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1503319"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 8u151 and 9.0.1 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10309"
},
{
"category": "external",
"summary": "RHBZ#1503319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503319"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10309",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10309"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10309",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10309"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unspecified vulnerability fixed in 8u151 and 9.0.1 (Deployment)"
},
{
"cve": "CVE-2017-10345",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502858"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10345"
},
{
"category": "external",
"summary": "RHBZ#1502858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10345"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)"
},
{
"cve": "CVE-2017-10346",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1501873"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10346"
},
{
"category": "external",
"summary": "RHBZ#1501873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10346",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10346"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)"
},
{
"cve": "CVE-2017-10347",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502632"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10347"
},
{
"category": "external",
"summary": "RHBZ#1502632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10347",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10347"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)"
},
{
"cve": "CVE-2017-10348",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502629"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10348"
},
{
"category": "external",
"summary": "RHBZ#1502629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10348",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)"
},
{
"cve": "CVE-2017-10349",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502611"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10349"
},
{
"category": "external",
"summary": "RHBZ#1502611",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10349",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10349"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)"
},
{
"cve": "CVE-2017-10350",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502640"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10350"
},
{
"category": "external",
"summary": "RHBZ#1502640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10350",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10350"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)"
},
{
"cve": "CVE-2017-10355",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502869"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10355"
},
{
"category": "external",
"summary": "RHBZ#1502869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10355",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)"
},
{
"cve": "CVE-2017-10356",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1503169"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10356"
},
{
"category": "external",
"summary": "RHBZ#1503169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10356",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)"
},
{
"cve": "CVE-2017-10357",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502614"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10357"
},
{
"category": "external",
"summary": "RHBZ#1502614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10357",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10357"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)"
},
{
"cve": "CVE-2017-10388",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502038"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10388"
},
{
"category": "external",
"summary": "RHBZ#1502038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10388",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10388"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-23T07:44:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)"
}
]
}
rhsa-2017_3046
Vulnerability from csaf_redhat
Published
2017-10-24 12:14
Modified
2024-11-14 21:45
Summary
Red Hat Security Advisory: java-1.7.0-oracle security update
Notes
Topic
An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
This update upgrades Oracle Java SE 7 to version 7 Update 161.
Security Fix(es):
* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2016-10165, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)
Note: Starting with this update, Java web browser plugin and Java Web Start application are no longer included with Oracle Java SE 7. Refer to the Releases Notes and the Oracle Java SE Support Roadmap pages linked to in the References section for further information about this change.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 7 to version 7 Update 161.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2016-10165, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)\n\nNote: Starting with this update, Java web browser plugin and Java Web Start application are no longer included with Oracle Java SE 7. Refer to the Releases Notes and the Oracle Java SE Support Roadmap pages linked to in the References section for further information about this change.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3046",
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html#R170_161",
"url": "http://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html#R170_161"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/java/javase/eol-135779.html",
"url": "http://www.oracle.com/technetwork/java/javase/eol-135779.html"
},
{
"category": "external",
"summary": "1367357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357"
},
{
"category": "external",
"summary": "1402345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
},
{
"category": "external",
"summary": "1402346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402346"
},
{
"category": "external",
"summary": "1402348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402348"
},
{
"category": "external",
"summary": "1402351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351"
},
{
"category": "external",
"summary": "1501868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868"
},
{
"category": "external",
"summary": "1501873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873"
},
{
"category": "external",
"summary": "1502038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038"
},
{
"category": "external",
"summary": "1502053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502053"
},
{
"category": "external",
"summary": "1502611",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611"
},
{
"category": "external",
"summary": "1502614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614"
},
{
"category": "external",
"summary": "1502629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629"
},
{
"category": "external",
"summary": "1502632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632"
},
{
"category": "external",
"summary": "1502640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640"
},
{
"category": "external",
"summary": "1502649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649"
},
{
"category": "external",
"summary": "1502687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687"
},
{
"category": "external",
"summary": "1502858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858"
},
{
"category": "external",
"summary": "1502869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869"
},
{
"category": "external",
"summary": "1503169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169"
},
{
"category": "external",
"summary": "1503320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503320"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3046.json"
}
],
"title": "Red Hat Security Advisory: java-1.7.0-oracle security update",
"tracking": {
"current_release_date": "2024-11-14T21:45:41+00:00",
"generator": {
"date": "2024-11-14T21:45:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:3046",
"initial_release_date": "2017-10-24T12:14:29+00:00",
"revision_history": [
{
"date": "2017-10-24T12:14:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-14T15:24:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T21:45:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
}
],
"category": "product_family",
"name": "Oracle Java for Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_id": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.161-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_id": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.161-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.161-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_id": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.161-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_id": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.161-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_id": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.161-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"product": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_id": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.161-1jpp.3.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"product": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_id": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.161-1jpp.3.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"product": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_id": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.161-1jpp.3.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"product": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.161-1jpp.3.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"product": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_id": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.161-1jpp.3.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"product": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_id": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.161-1jpp.3.el6?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"product": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"product_id": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.161-1jpp.4.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"product": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"product_id": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.161-1jpp.4.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"product": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"product_id": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.161-1jpp.3.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"product": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"product_id": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.161-1jpp.3.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"product": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"product_id": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.161-1jpp.3.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"product": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.161-1jpp.3.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"product": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"product_id": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.161-1jpp.3.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"product": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"product_id": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.161-1jpp.3.el6?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9840",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402345"
}
],
"notes": [
{
"category": "description",
"text": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Out-of-bounds pointer arithmetic in inftrees.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9840"
},
{
"category": "external",
"summary": "RHBZ#1402345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9840"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Out-of-bounds pointer arithmetic in inftrees.c"
},
{
"cve": "CVE-2016-9841",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402346"
}
],
"notes": [
{
"category": "description",
"text": "inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Out-of-bounds pointer arithmetic in inffast.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9841"
},
{
"category": "external",
"summary": "RHBZ#1402346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402346"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9841"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Out-of-bounds pointer arithmetic in inffast.c"
},
{
"cve": "CVE-2016-9842",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402348"
}
],
"notes": [
{
"category": "description",
"text": "The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Undefined left shift of negative number",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9842"
},
{
"category": "external",
"summary": "RHBZ#1402348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402348"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9842",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9842"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9842",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9842"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Undefined left shift of negative number"
},
{
"cve": "CVE-2016-9843",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402351"
}
],
"notes": [
{
"category": "description",
"text": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Big-endian out-of-bounds pointer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9843"
},
{
"category": "external",
"summary": "RHBZ#1402351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9843",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9843"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9843",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9843"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Big-endian out-of-bounds pointer"
},
{
"cve": "CVE-2016-10165",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2016-08-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1367357"
}
],
"notes": [
{
"category": "description",
"text": "The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lcms2: Out-of-bounds read in Type_MLU_Read()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10165"
},
{
"category": "external",
"summary": "RHBZ#1367357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10165",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10165"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165"
}
],
"release_date": "2016-08-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "lcms2: Out-of-bounds read in Type_MLU_Read()"
},
{
"cve": "CVE-2017-10274",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502053"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data as well as unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: CardImpl incorrect state handling (Smart Card IO, 8169026)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10274"
},
{
"category": "external",
"summary": "RHBZ#1502053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502053"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10274",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10274"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: CardImpl incorrect state handling (Smart Card IO, 8169026)"
},
{
"cve": "CVE-2017-10281",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502649"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10281"
},
{
"category": "external",
"summary": "RHBZ#1502649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10281",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)"
},
{
"cve": "CVE-2017-10285",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1501868"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10285"
},
{
"category": "external",
"summary": "RHBZ#1501868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10285",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)"
},
{
"cve": "CVE-2017-10293",
"discovery_date": "2017-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1503320"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10293"
},
{
"category": "external",
"summary": "RHBZ#1503320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503320"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10293",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10293"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)"
},
{
"cve": "CVE-2017-10295",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502687"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10295"
},
{
"category": "external",
"summary": "RHBZ#1502687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10295"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)"
},
{
"cve": "CVE-2017-10345",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502858"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10345"
},
{
"category": "external",
"summary": "RHBZ#1502858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10345"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)"
},
{
"cve": "CVE-2017-10346",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1501873"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10346"
},
{
"category": "external",
"summary": "RHBZ#1501873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10346",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10346"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)"
},
{
"cve": "CVE-2017-10347",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502632"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10347"
},
{
"category": "external",
"summary": "RHBZ#1502632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10347",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10347"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)"
},
{
"cve": "CVE-2017-10348",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502629"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10348"
},
{
"category": "external",
"summary": "RHBZ#1502629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10348",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)"
},
{
"cve": "CVE-2017-10349",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502611"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10349"
},
{
"category": "external",
"summary": "RHBZ#1502611",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10349",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10349"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)"
},
{
"cve": "CVE-2017-10350",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502640"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10350"
},
{
"category": "external",
"summary": "RHBZ#1502640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10350",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10350"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)"
},
{
"cve": "CVE-2017-10355",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502869"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10355"
},
{
"category": "external",
"summary": "RHBZ#1502869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10355",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)"
},
{
"cve": "CVE-2017-10356",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1503169"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10356"
},
{
"category": "external",
"summary": "RHBZ#1503169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10356",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)"
},
{
"cve": "CVE-2017-10357",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502614"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10357"
},
{
"category": "external",
"summary": "RHBZ#1502614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10357",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10357"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)"
},
{
"cve": "CVE-2017-10388",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502038"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10388"
},
{
"category": "external",
"summary": "RHBZ#1502038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10388",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10388"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)"
}
]
}
ghsa-42p8-x3rm-58mv
Vulnerability from github
Published
2022-05-13 01:16
Modified
2022-05-13 01:16
Severity ?
Details
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).
{
"affected": [],
"aliases": [
"CVE-2017-10293"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-10-19T17:29:00Z",
"severity": "MODERATE"
},
"details": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"id": "GHSA-42p8-x3rm-58mv",
"modified": "2022-05-13T01:16:56Z",
"published": "2022-05-13T01:16:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10293"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20171019-0001"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101338"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039596"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.