CVE-2016-3425: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows rem
infovulnerability
security
Summary
CVE-2016-3425 is an unspecified vulnerability in Oracle Java SE (versions 6u113, 7u99, and 8u77), Java SE Embedded 8u77, and JRockit R28.3.9 that affects a component called JAXP (Java API for XML Processing, which handles XML documents). Remote attackers could exploit this vulnerability to disrupt service availability, though the exact attack method is not detailed in this notice.
Vulnerability Details
CVSS Score
5
EPSS (30-day exploit probability)
EPSS: 9.1%
Classification
Attack SophisticationModerate
Original source: https://nvd.nist.gov/vuln/detail/CVE-2016-3425
First tracked: February 15, 2026 at 08:43 PM
Classified by LLM (prompt v3) · confidence: 95%