Oracle Java JRE Insecure Executable Loading Vulnerability
Severity: : Critical
Advisory Date: 21 lipca 2015
DESCRIPTION
The vulnerability is caused due to the application loading an executable file in an insecure manner when an out of memory condition occurs. This can be exploited to execute arbitrary programs by tricking a user into e.g. opening a HTML file, which loads an applet located on a remote WebDAV or SMB share.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1004737
Trend Micro Deep Security DPI Rule Name: 1004737 - Oracle Java JRE Insecure Executable Loading Vulnerability
AFFECTED SOFTWARE AND VERSION:
- Sun Java JRE