Multiple Java vulnerabilities reported in Oracle’s July 2016 Java SE update have been resolved in ePolicy Orchestrator (ePO).
AFFECTED SOFTWARE
The vulnerability is remediated in these versions:
Intel Security recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see Knowledge Base article SB10166, Intel Security - Security Bulletin: ePolicy Orchestrator update fixes multiple Oracle Java vulnerabilities (CVE-2016-3500, CVE-2016-3508, and CVE-2016-3485) ( https://kc.mcafee.com/corporate/index?page=content&id=SB10166)
AFFECTED SOFTWARE
- ePO 5.1.3 and earlier
- ePO 5.3.2 and earlier
The vulnerability is remediated in these versions:
- ePO 5.1.3 + EPO5xHF1151890.zip
- ePO 5.3.1 + EPO5xHF1151890.zip
- ePO 5.3.2 + EPO5xHF1151890.zip
- CVE-2016-3500 (CVSS: 5.3/4.6; Severity: Medium) Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.
- CVE-2016-3508 (CVSS: 5.3/4.6; Severity: Medium) Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.
- CVE-2016-3485 (CVSS: 2.9/2.6; Severity: Low) Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.
Intel Security recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see Knowledge Base article SB10166, Intel Security - Security Bulletin: ePolicy Orchestrator update fixes multiple Oracle Java vulnerabilities (CVE-2016-3500, CVE-2016-3508, and CVE-2016-3485) ( https://kc.mcafee.com/corporate/index?page=content&id=SB10166)