CVE-2016-3500

MEDIUM

Oracle Java SE <8 - DoS

Title source: llm

Description

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.

References (25)

... and 5 more

Scores

CVSS v3 5.3
EPSS 0.1161
EPSS Percentile 93.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Classification

Status draft

Affected Products (12)

oracle/linux
oracle/linux
oracle/linux
oracle/jdk
oracle/jdk
oracle/jdk
oracle/jdk
oracle/jre
oracle/jre
oracle/jre
oracle/jre
oracle/jrockit

Timeline

Published Jul 21, 2016
Tracked Since Feb 18, 2026