rhsa-2017_3046
Vulnerability from csaf_redhat
Published
2017-10-24 12:14
Modified
2024-11-05 20:14
Summary
Red Hat Security Advisory: java-1.7.0-oracle security update
Notes
Topic
An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
This update upgrades Oracle Java SE 7 to version 7 Update 161.
Security Fix(es):
* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2016-10165, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)
Note: Starting with this update, Java web browser plugin and Java Web Start application are no longer included with Oracle Java SE 7. Refer to the Releases Notes and the Oracle Java SE Support Roadmap pages linked to in the References section for further information about this change.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 7 to version 7 Update 161.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2016-10165, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)\n\nNote: Starting with this update, Java web browser plugin and Java Web Start application are no longer included with Oracle Java SE 7. Refer to the Releases Notes and the Oracle Java SE Support Roadmap pages linked to in the References section for further information about this change.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3046",
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html#R170_161",
"url": "http://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html#R170_161"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/java/javase/eol-135779.html",
"url": "http://www.oracle.com/technetwork/java/javase/eol-135779.html"
},
{
"category": "external",
"summary": "1367357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357"
},
{
"category": "external",
"summary": "1402345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
},
{
"category": "external",
"summary": "1402346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402346"
},
{
"category": "external",
"summary": "1402348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402348"
},
{
"category": "external",
"summary": "1402351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351"
},
{
"category": "external",
"summary": "1501868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868"
},
{
"category": "external",
"summary": "1501873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873"
},
{
"category": "external",
"summary": "1502038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038"
},
{
"category": "external",
"summary": "1502053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502053"
},
{
"category": "external",
"summary": "1502611",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611"
},
{
"category": "external",
"summary": "1502614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614"
},
{
"category": "external",
"summary": "1502629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629"
},
{
"category": "external",
"summary": "1502632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632"
},
{
"category": "external",
"summary": "1502640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640"
},
{
"category": "external",
"summary": "1502649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649"
},
{
"category": "external",
"summary": "1502687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687"
},
{
"category": "external",
"summary": "1502858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858"
},
{
"category": "external",
"summary": "1502869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869"
},
{
"category": "external",
"summary": "1503169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169"
},
{
"category": "external",
"summary": "1503320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503320"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3046.json"
}
],
"title": "Red Hat Security Advisory: java-1.7.0-oracle security update",
"tracking": {
"current_release_date": "2024-11-05T20:14:56+00:00",
"generator": {
"date": "2024-11-05T20:14:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2017:3046",
"initial_release_date": "2017-10-24T12:14:29+00:00",
"revision_history": [
{
"date": "2017-10-24T12:14:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-14T15:24:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T20:14:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
}
],
"category": "product_family",
"name": "Oracle Java for Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_id": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.161-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_id": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.161-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.161-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_id": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.161-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_id": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.161-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_id": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.161-1jpp.4.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"product": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_id": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.161-1jpp.3.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"product": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_id": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.161-1jpp.3.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"product": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_id": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.161-1jpp.3.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"product": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.161-1jpp.3.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"product": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_id": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.161-1jpp.3.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"product": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_id": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.161-1jpp.3.el6?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"product": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"product_id": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.161-1jpp.4.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"product": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"product_id": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.161-1jpp.4.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"product": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"product_id": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.161-1jpp.3.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"product": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"product_id": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.161-1jpp.3.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"product": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"product_id": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.161-1jpp.3.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"product": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.161-1jpp.3.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"product": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"product_id": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.161-1jpp.3.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"product": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"product_id": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.161-1jpp.3.el6?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9840",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402345"
}
],
"notes": [
{
"category": "description",
"text": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Out-of-bounds pointer arithmetic in inftrees.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9840"
},
{
"category": "external",
"summary": "RHBZ#1402345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9840"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Out-of-bounds pointer arithmetic in inftrees.c"
},
{
"cve": "CVE-2016-9841",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402346"
}
],
"notes": [
{
"category": "description",
"text": "inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Out-of-bounds pointer arithmetic in inffast.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9841"
},
{
"category": "external",
"summary": "RHBZ#1402346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402346"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9841"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Out-of-bounds pointer arithmetic in inffast.c"
},
{
"cve": "CVE-2016-9842",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402348"
}
],
"notes": [
{
"category": "description",
"text": "The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Undefined left shift of negative number",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9842"
},
{
"category": "external",
"summary": "RHBZ#1402348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402348"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9842",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9842"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9842",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9842"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Undefined left shift of negative number"
},
{
"cve": "CVE-2016-9843",
"discovery_date": "2016-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1402351"
}
],
"notes": [
{
"category": "description",
"text": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zlib: Big-endian out-of-bounds pointer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-9843"
},
{
"category": "external",
"summary": "RHBZ#1402351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-9843",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9843"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9843",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9843"
},
{
"category": "external",
"summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7",
"url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7"
},
{
"category": "external",
"summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
}
],
"release_date": "2016-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "zlib: Big-endian out-of-bounds pointer"
},
{
"cve": "CVE-2016-10165",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2016-08-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1367357"
}
],
"notes": [
{
"category": "description",
"text": "The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lcms2: Out-of-bounds read in Type_MLU_Read()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10165"
},
{
"category": "external",
"summary": "RHBZ#1367357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10165",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10165"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165"
}
],
"release_date": "2016-08-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "lcms2: Out-of-bounds read in Type_MLU_Read()"
},
{
"cve": "CVE-2017-10274",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502053"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data as well as unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: CardImpl incorrect state handling (Smart Card IO, 8169026)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10274"
},
{
"category": "external",
"summary": "RHBZ#1502053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502053"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10274",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10274"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: CardImpl incorrect state handling (Smart Card IO, 8169026)"
},
{
"cve": "CVE-2017-10281",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502649"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10281"
},
{
"category": "external",
"summary": "RHBZ#1502649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10281",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)"
},
{
"cve": "CVE-2017-10285",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1501868"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10285"
},
{
"category": "external",
"summary": "RHBZ#1501868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10285",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)"
},
{
"cve": "CVE-2017-10293",
"discovery_date": "2017-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1503320"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10293"
},
{
"category": "external",
"summary": "RHBZ#1503320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503320"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10293",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10293"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)"
},
{
"cve": "CVE-2017-10295",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502687"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10295"
},
{
"category": "external",
"summary": "RHBZ#1502687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10295"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)"
},
{
"cve": "CVE-2017-10345",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502858"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10345"
},
{
"category": "external",
"summary": "RHBZ#1502858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10345"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)"
},
{
"cve": "CVE-2017-10346",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1501873"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10346"
},
{
"category": "external",
"summary": "RHBZ#1501873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10346",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10346"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)"
},
{
"cve": "CVE-2017-10347",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502632"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10347"
},
{
"category": "external",
"summary": "RHBZ#1502632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10347",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10347"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)"
},
{
"cve": "CVE-2017-10348",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502629"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10348"
},
{
"category": "external",
"summary": "RHBZ#1502629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10348",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)"
},
{
"cve": "CVE-2017-10349",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502611"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10349"
},
{
"category": "external",
"summary": "RHBZ#1502611",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10349",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10349"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)"
},
{
"cve": "CVE-2017-10350",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502640"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10350"
},
{
"category": "external",
"summary": "RHBZ#1502640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10350",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10350"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)"
},
{
"cve": "CVE-2017-10355",
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502869"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10355"
},
{
"category": "external",
"summary": "RHBZ#1502869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10355",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)"
},
{
"cve": "CVE-2017-10356",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1503169"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10356"
},
{
"category": "external",
"summary": "RHBZ#1503169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10356",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)"
},
{
"cve": "CVE-2017-10357",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502614"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10357"
},
{
"category": "external",
"summary": "RHBZ#1502614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10357",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10357"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)"
},
{
"cve": "CVE-2017-10388",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2017-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1502038"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-10388"
},
{
"category": "external",
"summary": "RHBZ#1502038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-10388",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10388"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388"
}
],
"release_date": "2017-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-24T12:14:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.