Oracle Linux Bulletin - January 2017

Description

The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin. Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are released. These bulletins will also be updated for the following two months after their release (i.e., the two months between the normal quarterly Critical Patch Update publication dates) to cover all CVEs that had been resolved in those two months following the bulletin's publication. In addition, Oracle Linux Bulletins may also be updated for vulnerability fixes deemed too critical to wait for the next scheduled bulletin publication date.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Oracle Linux Bulletin fixes as soon as possible.

Patch Availability

Please see ULN Advisory http://linux.oracle.com/ol-pad-bulletin

Oracle Linux Bulletin Schedule

Oracle Linux Bulletins are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:

18 April 2017
18 July 2017
17 October 2017
16 January 2018

References

Oracle Critical Patch Updates and Security Alerts main page [ Oracle Technology Network ]
CVRF XML version of the risk matrix [ Oracle Technology Network ]
Oracle Critical Patch Updates and Security Alerts - Frequently Asked Questions [ CPU FAQ ]
Risk Matrix definitions [ Risk Matrix Definitions ]
Use of Common Vulnerability Scoring System (CVSS) by Oracle [ Oracle CVSS Scoring ]

Modification History

2017-March-17	Rev 3. New CVEs added.
2017-February-17	Rev 2. New CVEs added.
2017-January-17	Rev 1. Initial Release

Oracle Linux Executive Summary

This Oracle Linux Bulletin contains 114 new security fixes for the Oracle Linux. 84 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.

Oracle Linux Risk Matrix

Revision 3: Published on 2017-03-17

CVE#	Product	Component	Remote Exploit without Auth.?	CVSS VERSION 2.0 RISK (see Risk Matrix Definitions)							Supported Versions Affected
CVE#	Product	Component	Remote Exploit without Auth.?	Base Score	Access Vector	Access Complexity	Authentication	Confidentiality	Integrity	Availability	Supported Versions Affected
CVE-2016-9083	Oracle Linux	kernel	No	7.2	Local	Low	None	Complete	Complete	Complete	7
CVE-2016-9555	Oracle Linux	kernel	Yes	7.1	Network	Medium	None	None	None	Complete	6
CVE-2017-6074	Oracle Linux	Unbreakable Enterprise kernel	No	6.8	Local	Low	Single	Complete	Complete	Complete	6,7
CVE-2017-5398	Oracle Linux	firefox	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	5,6,7
CVE-2017-5400	Oracle Linux	firefox	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	5,6,7
CVE-2017-5401	Oracle Linux	firefox	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	5,6,7
CVE-2017-5402	Oracle Linux	firefox	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	5,6,7
CVE-2017-5404	Oracle Linux	firefox	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	5,6,7
CVE-2017-6074	Oracle Linux	kernel	No	6.8	Local	Low	Single	Complete	Complete	Complete	5,6,7
CVE-2017-5398	Oracle Linux	thunderbird	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2017-5400	Oracle Linux	thunderbird	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2017-5401	Oracle Linux	thunderbird	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2017-5402	Oracle Linux	thunderbird	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2017-5404	Oracle Linux	thunderbird	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2017-6074	Oracle Linux	Unbreakable Enterprise kernel	No	6.8	Local	Low	Single	Complete	Complete	Complete	5,6
CVE-2016-8655	Oracle Linux	kernel	No	6.6	Local	Medium	Single	Complete	Complete	Complete	7
CVE-2016-6816	Oracle Linux	tomcat6	Yes	5.8	Network	Medium	None	Partial	Partial	None	6
CVE-2016-8630	Oracle Linux	kernel	No	5.2	Adjacent network	Medium	Single	None	None	Complete	7
CVE-2017-5405	Oracle Linux	firefox	Yes	5.1	Network	High	None	Partial	Partial	Partial	5,6,7
CVE-2017-5410	Oracle Linux	firefox	Yes	5.1	Network	High	None	Partial	Partial	Partial	5,6,7
CVE-2017-5405	Oracle Linux	thunderbird	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2017-5410	Oracle Linux	thunderbird	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2017-2615	Oracle Linux	kvm	No	4.9	Adjacent network	Medium	Single	Partial	Partial	Partial	5
CVE-2017-2620	Oracle Linux	kvm	No	4.9	Adjacent network	Medium	Single	Partial	Partial	Partial	5
CVE-2017-2615	Oracle Linux	qemu-kvm	No	4.9	Adjacent network	Medium	Single	Partial	Partial	Partial	6,7
CVE-2017-2620	Oracle Linux	qemu-kvm	No	4.9	Adjacent network	Medium	Single	Partial	Partial	Partial	7
CVE-2017-2620	Oracle Linux	qemu-kvm	No	4.9	Adjacent network	Medium	Single	Partial	Partial	Partial	6
CVE-2017-5407	Oracle Linux	firefox	Yes	4.3	Network	Medium	None	None	Partial	None	5,6,7
CVE-2017-5408	Oracle Linux	firefox	Yes	4.3	Network	Medium	None	None	Partial	None	5,6,7
CVE-2016-8610	Oracle Linux	openssl	Yes	4.3	Network	Medium	None	None	None	Partial	6,7
CVE-2016-2857	Oracle Linux	qemu-kvm	No	4.3	Adjacent network	Medium	None	Partial	None	Partial	6
CVE-2017-5407	Oracle Linux	thunderbird	Yes	4.3	Network	Medium	None	None	Partial	None	6,7
CVE-2017-5408	Oracle Linux	thunderbird	Yes	4.3	Network	Medium	None	None	Partial	None	6,7
CVE-2016-8745	Oracle Linux	tomcat6	Yes	4.3	Network	Medium	None	Partial	None	None	6
CVE-2016-6136	Oracle Linux	kernel	No	3.3	Local	Medium	None	Partial	None	Partial	6
CVE-2016-9084	Oracle Linux	kernel	No	3.3	Local	Medium	None	None	Partial	Partial	7
CVE-2017-2590	Oracle Linux	ipa	Yes	0.0	Network	Undefined	None	None	None	None	7
CVE-2017-2634	Oracle Linux	kernel	Yes	0.0	Network	Undefined	None	None	None	None	5
CVE-2017-3731	Oracle Linux	openssl	Yes	0.0	Network	Undefined	None	None	None	None	6,7

Revision 2: Published on 2017-02-17

CVE#	Product	Component	Remote Exploit without Auth.?	CVSS VERSION 2.0 RISK (see Risk Matrix Definitions)							Supported Versions Affected
CVE#	Product	Component	Remote Exploit without Auth.?	Base Score	Access Vector	Access Complexity	Authentication	Confidentiality	Integrity	Availability	Supported Versions Affected
CVE-2016-7117	Oracle Linux	kernel	Yes	7.6	Network	High	None	Complete	Complete	Complete	7
CVE-2016-9083	Oracle Linux	Unbreakable Enterprise kernel	No	7.2	Local	Low	None	Complete	Complete	Complete	6,7
CVE-2016-9555	Oracle Linux	kernel	Yes	7.1	Network	Medium	None	None	None	Complete	7
CVE-2016-6662	Oracle Linux	mysql	No	7.1	Network	High	Single	Complete	Complete	Complete	6
CVE-2017-5373	Oracle Linux	firefox	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	5,6,7
CVE-2017-5375	Oracle Linux	firefox	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	5,6,7
CVE-2017-5376	Oracle Linux	firefox	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	5,6,7
CVE-2017-3241	Oracle Linux	java-1.7.0-openjdk	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	5,6,7
CVE-2017-3272	Oracle Linux	java-1.7.0-openjdk	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	5,6,7
CVE-2017-3289	Oracle Linux	java-1.7.0-openjdk	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	5,6,7
CVE-2017-3241	Oracle Linux	java-1.8.0-openjdk	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2017-3272	Oracle Linux	java-1.8.0-openjdk	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2017-3289	Oracle Linux	java-1.8.0-openjdk	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2017-5373	Oracle Linux	thunderbird	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2017-5375	Oracle Linux	thunderbird	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2017-5376	Oracle Linux	thunderbird	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2016-9576	Oracle Linux	Unbreakable Enterprise kernel	No	6.2	Local	High	None	Complete	Complete	Complete	6,7
CVE-2016-9577	Oracle Linux	spice	No	6.0	Network	Medium	Single	Partial	Partial	Partial	7
CVE-2016-9577	Oracle Linux	spice-server	No	6.0	Network	Medium	Single	Partial	Partial	Partial	6
CVE-2015-8870	Oracle Linux	libtiff	Yes	5.8	Network	Medium	None	Partial	None	Partial	6,7
CVE-2016-9310	Oracle Linux	ntp	Yes	5.8	Network	Medium	None	Partial	None	Partial	6,7
CVE-2016-8630	Oracle Linux	Unbreakable Enterprise kernel	No	5.2	Adjacent network	Medium	Single	None	None	Complete	6,7
CVE-2017-5380	Oracle Linux	firefox	Yes	5.1	Network	High	None	Partial	Partial	Partial	5,6,7
CVE-2017-5386	Oracle Linux	firefox	Yes	5.1	Network	High	None	Partial	Partial	Partial	5,6,7
CVE-2017-5390	Oracle Linux	firefox	Yes	5.1	Network	High	None	Partial	Partial	Partial	5,6,7
CVE-2017-5396	Oracle Linux	firefox	Yes	5.1	Network	High	None	Partial	Partial	Partial	5,6,7
CVE-2016-5652	Oracle Linux	libtiff	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2016-9533	Oracle Linux	libtiff	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2016-9534	Oracle Linux	libtiff	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2016-9535	Oracle Linux	libtiff	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2016-9536	Oracle Linux	libtiff	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2016-9537	Oracle Linux	libtiff	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2016-9540	Oracle Linux	libtiff	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2017-5380	Oracle Linux	thunderbird	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2017-5390	Oracle Linux	thunderbird	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2017-5396	Oracle Linux	thunderbird	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2016-5546	Oracle Linux	java-1.7.0-openjdk	Yes	5.0	Network	Low	None	None	Partial	None	5,6,7
CVE-2016-5547	Oracle Linux	java-1.7.0-openjdk	Yes	5.0	Network	Low	None	None	None	Partial	5,6,7
CVE-2016-5552	Oracle Linux	java-1.7.0-openjdk	Yes	5.0	Network	Low	None	None	Partial	None	5,6,7
CVE-2017-3253	Oracle Linux	java-1.7.0-openjdk	Yes	5.0	Network	Low	None	None	None	Partial	5,6,7
CVE-2016-5546	Oracle Linux	java-1.8.0-openjdk	Yes	5.0	Network	Low	None	None	Partial	None	6,7
CVE-2016-5547	Oracle Linux	java-1.8.0-openjdk	Yes	5.0	Network	Low	None	None	None	Partial	6,7
CVE-2016-5552	Oracle Linux	java-1.8.0-openjdk	Yes	5.0	Network	Low	None	None	Partial	None	6,7
CVE-2017-3253	Oracle Linux	java-1.8.0-openjdk	Yes	5.0	Network	Low	None	None	None	Partial	6,7
CVE-2016-9578	Oracle Linux	spice	Yes	5.0	Network	Low	None	None	None	Partial	7
CVE-2016-9578	Oracle Linux	spice-server	Yes	5.0	Network	Low	None	None	None	Partial	6
CVE-2016-8646	Oracle Linux	Unbreakable Enterprise kernel	No	4.7	Local	Medium	None	None	None	Complete	6,7
CVE-2016-8646	Oracle Linux	Unbreakable Enterprise kernel	No	4.7	Local	Medium	None	None	None	Complete	5,6
CVE-2013-7446	Oracle Linux	Unbreakable Enterprise kernel	No	4.6	Local	Low	None	Partial	Partial	Partial	5,6
CVE-2017-3135	Oracle Linux	bind	Yes	4.3	Network	Medium	None	None	None	Partial	7
CVE-2017-5378	Oracle Linux	firefox	Yes	4.3	Network	Medium	None	Partial	None	None	5,6,7
CVE-2017-5383	Oracle Linux	firefox	Yes	4.3	Network	Medium	None	None	Partial	None	5,6,7
CVE-2016-5548	Oracle Linux	java-1.7.0-openjdk	Yes	4.3	Network	Medium	None	Partial	None	None	5,6,7
CVE-2017-3231	Oracle Linux	java-1.7.0-openjdk	Yes	4.3	Network	Medium	None	Partial	None	None	5,6,7
CVE-2017-3261	Oracle Linux	java-1.7.0-openjdk	Yes	4.3	Network	Medium	None	Partial	None	None	5,6,7
CVE-2016-5548	Oracle Linux	java-1.8.0-openjdk	Yes	4.3	Network	Medium	None	Partial	None	None	6,7
CVE-2017-3231	Oracle Linux	java-1.8.0-openjdk	Yes	4.3	Network	Medium	None	Partial	None	None	6,7
CVE-2017-3261	Oracle Linux	java-1.8.0-openjdk	Yes	4.3	Network	Medium	None	Partial	None	None	6,7
CVE-2016-7426	Oracle Linux	ntp	Yes	4.3	Network	Medium	None	None	None	Partial	6,7
CVE-2016-9311	Oracle Linux	ntp	Yes	4.3	Network	Medium	None	None	None	Partial	6,7
CVE-2016-2857	Oracle Linux	qemu-kvm	No	4.3	Adjacent network	Medium	None	Partial	None	Partial	7
CVE-2016-10002	Oracle Linux	squid	Yes	4.3	Network	Medium	None	Partial	None	None	7
CVE-2016-10002	Oracle Linux	squid34	Yes	4.3	Network	Medium	None	Partial	None	None	6
CVE-2017-5378	Oracle Linux	thunderbird	Yes	4.3	Network	Medium	None	Partial	None	None	6,7
CVE-2017-5383	Oracle Linux	thunderbird	Yes	4.3	Network	Medium	None	None	Partial	None	6,7
CVE-2016-6828	Oracle Linux	kernel	No	3.6	Local	Low	None	None	Partial	Partial	7
CVE-2016-5616	Oracle Linux	mysql	No	3.5	Local	High	Single	Partial	Partial	Partial	6
CVE-2016-6663	Oracle Linux	mysql	No	3.5	Local	High	Single	Partial	Partial	Partial	6
CVE-2016-9084	Oracle Linux	Unbreakable Enterprise kernel	No	3.3	Local	Medium	None	None	Partial	Partial	6,7
CVE-2016-7429	Oracle Linux	ntp	Yes	2.6	Network	High	None	None	None	Partial	6,7
CVE-2015-1420	Oracle Linux	Unbreakable Enterprise kernel	No	2.6	Local	High	None	Partial	Partial	None	5,6
CVE-2016-4482	Oracle Linux	Unbreakable Enterprise kernel	No	2.1	Local	Low	None	Partial	None	None	6,7
CVE-2016-4485	Oracle Linux	Unbreakable Enterprise kernel	No	2.1	Local	Low	None	Partial	None	None	6,7
CVE-2017-3252	Oracle Linux	java-1.7.0-openjdk	No	2.1	Network	High	Single	None	Partial	None	5,6,7
CVE-2017-3252	Oracle Linux	java-1.8.0-openjdk	No	2.1	Network	High	Single	None	Partial	None	6,7
CVE-2016-4482	Oracle Linux	Unbreakable Enterprise kernel	No	2.1	Local	Low	None	Partial	None	None	5,6
CVE-2016-4485	Oracle Linux	Unbreakable Enterprise kernel	No	2.1	Local	Low	None	Partial	None	None	5,6
CVE-2016-7433	Oracle Linux	ntp	No	1.2	Local	High	None	None	None	Partial	6,7

Revision 1: Published on 2017-01-17

CVE#	Product	Component	Remote Exploit without Auth.?	CVSS VERSION 2.0 RISK (see Risk Matrix Definitions)							Supported Versions Affected
CVE#	Product	Component	Remote Exploit without Auth.?	Base Score	Access Vector	Access Complexity	Authentication	Confidentiality	Integrity	Availability	Supported Versions Affected
CVE-2016-7117	Oracle Linux	Unbreakable Enterprise kernel	Yes	7.6	Network	High	None	Complete	Complete	Complete	6,7
CVE-2016-7117	Oracle Linux	kernel	Yes	7.6	Network	High	None	Complete	Complete	Complete	5,6
CVE-2016-7117	Oracle Linux	Unbreakable Enterprise kernel	Yes	7.6	Network	High	None	Complete	Complete	Complete	5,6
CVE-2016-8666	Oracle Linux	Unbreakable Enterprise kernel	Yes	7.1	Network	Medium	None	None	None	Complete	6,7
CVE-2016-9793	Oracle Linux	Unbreakable Enterprise kernel	No	6.9	Local	Medium	None	Complete	Complete	Complete	6,7
CVE-2016-9793	Oracle Linux	Unbreakable Enterprise kernel	No	6.9	Local	Medium	None	Complete	Complete	Complete	5,6
CVE-2016-9445	Oracle Linux	gstreamer-plugins-bad-free	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2016-9447	Oracle Linux	gstreamer-plugins-bad-free	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2016-9634	Oracle Linux	gstreamer-plugins-good	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2016-9635	Oracle Linux	gstreamer-plugins-good	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2016-9636	Oracle Linux	gstreamer-plugins-good	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2016-9808	Oracle Linux	gstreamer-plugins-good	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2016-9445	Oracle Linux	gstreamer1-plugins-bad-free	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	7
CVE-2016-9634	Oracle Linux	gstreamer1-plugins-good	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	7
CVE-2016-9635	Oracle Linux	gstreamer1-plugins-good	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	7
CVE-2016-9636	Oracle Linux	gstreamer1-plugins-good	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	7
CVE-2016-9808	Oracle Linux	gstreamer1-plugins-good	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	7
CVE-2016-5582	Oracle Linux	java-1.6.0-openjdk	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	5,6,7
CVE-2016-9893	Oracle Linux	thunderbird	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2016-9899	Oracle Linux	thunderbird	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2016-1248	Oracle Linux	vim	Yes	6.8	Network	Medium	None	Partial	Partial	Partial	6,7
CVE-2016-8655	Oracle Linux	Unbreakable Enterprise kernel	No	6.6	Local	Medium	Single	Complete	Complete	Complete	6,7
CVE-2016-9575	Oracle Linux	ipa	No	6.5	Network	Low	Single	Partial	Partial	Partial	7
CVE-2016-9637	Oracle Linux	xen	No	6.5	Adjacent network	High	Single	Complete	Complete	Complete	5
CVE-2016-9794	Oracle Linux	Unbreakable Enterprise kernel	No	6.3	Local	Medium	None	None	Complete	Complete	6,7
CVE-2016-9794	Oracle Linux	Unbreakable Enterprise kernel	No	6.3	Local	Medium	None	None	Complete	Complete	5,6
CVE-2016-3157	Oracle Linux	Unbreakable Enterprise kernel	No	6.0	Network	Medium	Single	Partial	Partial	Partial	5,6
CVE-2016-4998	Oracle Linux	kernel	No	5.6	Local	Low	None	Partial	None	Complete	6
CVE-2016-7978	Oracle Linux	ghostscript	Yes	5.1	Network	High	None	Partial	Partial	Partial	7
CVE-2016-7979	Oracle Linux	ghostscript	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2016-8602	Oracle Linux	ghostscript	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2016-5573	Oracle Linux	java-1.6.0-openjdk	Yes	5.1	Network	High	None	Partial	Partial	Partial	5,6,7
CVE-2016-9905	Oracle Linux	thunderbird	Yes	5.1	Network	High	None	Partial	Partial	Partial	6,7
CVE-2016-9131	Oracle Linux	bind	Yes	5.0	Network	Low	None	None	None	Partial	7
CVE-2016-9147	Oracle Linux	bind	Yes	5.0	Network	Low	None	None	None	Partial	5,6,7
CVE-2016-9444	Oracle Linux	bind	Yes	5.0	Network	Low	None	None	None	Partial	7
CVE-2016-9147	Oracle Linux	bind97	Yes	5.0	Network	Low	None	None	None	Partial	5
CVE-2016-7042	Oracle Linux	Unbreakable Enterprise kernel	No	4.9	Local	Low	None	None	None	Complete	6,7
CVE-2016-7042	Oracle Linux	Unbreakable Enterprise kernel	No	4.9	Local	Low	None	None	None	Complete	5,6
CVE-2016-9806	Oracle Linux	Unbreakable Enterprise kernel	No	4.7	Local	Medium	None	None	None	Complete	6,7
CVE-2013-5653	Oracle Linux	ghostscript	Yes	4.3	Network	Medium	None	Partial	None	None	6,7
CVE-2016-7977	Oracle Linux	ghostscript	Yes	4.3	Network	Medium	None	Partial	None	None	6,7
CVE-2016-9807	Oracle Linux	gstreamer-plugins-good	Yes	4.3	Network	Medium	None	None	None	Partial	6,7
CVE-2016-9812	Oracle Linux	gstreamer1-plugins-bad-free	Yes	4.3	Network	Medium	None	None	None	Partial	7
CVE-2016-9813	Oracle Linux	gstreamer1-plugins-bad-free	Yes	4.3	Network	Medium	None	None	None	Partial	7
CVE-2016-9807	Oracle Linux	gstreamer1-plugins-good	Yes	4.3	Network	Medium	None	None	None	Partial	7
CVE-2016-7030	Oracle Linux	ipa	Yes	4.3	Network	Medium	None	None	None	Partial	7
CVE-2016-5554	Oracle Linux	java-1.6.0-openjdk	Yes	4.3	Network	Medium	None	None	Partial	None	5,6,7
CVE-2016-9895	Oracle Linux	thunderbird	Yes	4.3	Network	Medium	None	None	Partial	None	6,7
CVE-2016-9900	Oracle Linux	thunderbird	Yes	4.3	Network	Medium	None	Partial	None	None	6,7
CVE-2016-9901	Oracle Linux	thunderbird	Yes	4.3	Network	Medium	None	Partial	None	None	6,7
CVE-2016-9902	Oracle Linux	thunderbird	Yes	4.3	Network	Medium	None	Partial	None	None	6,7
CVE-2016-6828	Oracle Linux	Unbreakable Enterprise kernel	No	3.6	Local	Low	None	None	Partial	Partial	6,7
CVE-2016-6828	Oracle Linux	kernel	No	3.6	Local	Low	None	None	Partial	Partial	6
CVE-2016-6828	Oracle Linux	Unbreakable Enterprise kernel	No	3.6	Local	Low	None	None	Partial	Partial	5,6
CVE-2016-9809	Oracle Linux	gstreamer-plugins-bad-free	Yes	2.6	Network	High	None	None	None	Partial	7
CVE-2016-9809	Oracle Linux	gstreamer1-plugins-bad-free	Yes	2.6	Network	High	None	None	None	Partial	7
CVE-2016-5542	Oracle Linux	java-1.6.0-openjdk	Yes	2.6	Network	High	None	None	Partial	None	5,6,7
CVE-2016-5597	Oracle Linux	java-1.6.0-openjdk	Yes	2.6	Network	High	None	Partial	None	None	5,6,7