Oracle Java JRE Insecure Executable Loading Vulnerability
Gravité: : Critique
Date du conseil: 21 juillet 2015
Description
The vulnerability is caused due to the application loading an executable file in an insecure manner when an out of memory condition occurs. This can be exploited to execute arbitrary programs by tricking a user into e.g. opening a HTML file, which loads an applet located on a remote WebDAV or SMB share.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1004737
Trend Micro Deep Security DPI Rule Name: 1004737 - Oracle Java JRE Insecure Executable Loading Vulnerability
Affected software and version:
- Sun Java JRE