Oracle Java Development Kit (JDK) 1.8.0 Update 72

CPE Details

Oracle Java Development Kit (JDK) 1.8.0 Update 72
oracle
jdk
1.8.0
2020-09-08
10h28 +00:00
2020-09-08
10h28 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:oracle:jdk:1.8.0:update72:*:*:*:*:*:*

Informations

Vendor

oracle

Product

jdk

Version

1.8.0

Update

update72

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2020-2801 2020-04-15 11h29 +00:00 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. Note: The patch for this issue will address the vulnerability only if the WLS instance is using JDK 1.7.0_191 or later, or JDK 1.8.0_181 or later. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
9.8
Critique
CVE-2016-0603 2016-02-08 15h00 +00:00 Unspecified vulnerability in the Java SE component in Oracle Java SE 6u111, 7u95, 8u71, and 8u72, when running on Windows, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. NOTE: the previous information is from Oracle's Security Alert for CVE-2016-0603. Oracle has not commented on third-party claims that this is an untrusted search path issue that allows local users to gain privileges via a Trojan horse dll in the "application directory."
7.6