JNDI Vulnerability in Oracle Java SE and JRockit
CVE-2015-4749

Currently unrated

Key Information:

Vendor: Oracle
Status: Jrockit
Vendor: CVE Published:; 16 July 2015

Summary

An unspecified vulnerability in Oracle Java SE and JRockit products allows remote attackers to disrupt service availability. It is associated with JNDI vectors, which may be exploited in various configurations of the affected software, potentially enabling unauthorized actions within applications leveraging these Java environments. Users are advised to apply necessary updates to mitigate risks associated with this vulnerability.

References

http://www.securityfocus.com/bid/75890

vdb-entryx_refsource_BID

http://rhn.redhat.com/errata/RHSA-2015-1243.html

vendor-advisoryx_refsource_REDHAT

http://www.oracle.com/technetwork/topics/security/cpujul2...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 16, 2015
Vulnerability Reserved
Jun 24, 2015