CVE-2016-0494

Description

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

How to fix CVE-2016-0494

To remediate CVE-2016-0494, upgrade the affected package to a fixed version below.

• Debian/icu—upgrade to 57.1-4 or later

Is CVE-2016-0494 being exploited?

Moderate — EPSS is 5.6%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 57.1-4

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2016-0494