CVE-2016-0483

Priority
Description
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE
Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect
confidentiality, integrity, and availability via vectors related to AWT.
NOTE: the previous information is from the January 2016 CPU. Oracle has not
commented on third-party claims that this is a heap-based buffer overflow
in the readImage function, which allows remote attackers to execute
arbitrary code via crafted image data.
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (6b38-1.13.10-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (7u95-2.6.4-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (8u72-b15-1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (8u72-b15-1)
Patches:
Upstream:http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/43325651ebb8
More Information

Updated: 2019-03-19 12:24:33 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)