What is CVE-2016-0264?

CVE-2016-0264 is a medium-severity vulnerability in Ibm Java_sdk, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 5.6/10. Published 2016-05-24.

How severe is CVE-2016-0264?

Medium severity. CVSS v3 base score is 5.6 out of 10.

Buffer overflow in Ibm Java_sdk

CVE-2016-0264

Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0…

Vulnerability class: Buffer Overflow

EPSS: 0.079 (92.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.6 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L.

Affected products

Ibm Java_sdk
Redhat Enterprise_linux_desktop — versions 5.0, 6.0, 7.0
Redhat Enterprise_linux_hpc_node_supplementary — versions 6.0, 7.0
Redhat Enterprise_linux_server — versions 5.0, 6.0, 7.0
Redhat Enterprise_linux_server_eus — versions 6.7, 7.2, 7.3
Redhat Enterprise_linux_workstation — versions 5.0, 6.0, 7.0
Redhat Satellite — versions 5.6, 5.7
Suse Linux_enterprise_server — versions 11, 10, 12
Suse Linux_enterprise_software_development_kit — versions 11, 12
Suse Manager — versions 2.1

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
SUSE-SU-2016:1299 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
RHSA-2016:1039 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
RHSA-2016:0701 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
SUSE-SU-2016:1303 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
SUSE-SU-2016:1475 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
SUSE-SU-2016:1300 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
RHSA-2016:1430 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
RHSA-2016:0708 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
SUSE-SU-2016:1378 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)

Frequently asked questions

What is CVE-2016-0264?: CVE-2016-0264 is a medium-severity vulnerability in Ibm Java_sdk, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 5.6/10. Published 2016-05-24.
How severe is CVE-2016-0264?: Medium severity. CVSS v3 base score is 5.6 out of 10.