JVNDB-2017-008825
|
������ Oracle Java ���i�ɂ����� Serialization �Ɋւ���Ǝ㐫
|
|
Oracle Java SE�AJava SE Embedded ����� JRockit �ɂ́ASerialization �Ɋւ��鏈���ɕs�������邽�߁A�p���ɉe���̂���Ǝ㐫�����݂��܂��B
|
|
CVSS v3 �ɂ��[���x
��{�l: 5.3 (�x��) [NVD�l]
- �U�����敪: �l�b�g���[�N
- �U�������̕��G��: ��
- �U���ɕK�v�ȓ������x��: �s�v
- ���p�҂̊֗^: �s�v
- �e���̑z��͈�: �ύX�Ȃ�
- �@�����ւ̉e��(C): �Ȃ�
- ���S���ւ̉e��(I): �Ȃ�
- �p���ւ̉e��(A): ��
CVSS v2 �ɂ��[���x
��{�l: 5.0 (�x��) [NVD�l]
- �U�����敪: �l�b�g���[�N
- �U�������̕��G��: ��
- �U���O�̔F�ؗv��: �s�v
- �@�����ւ̉e��(C): �Ȃ�
- ���S���ւ̉e��(I): �Ȃ�
- �p���ւ̉e��(A): �����I
|
|
|
�I���N��
- JDK 6 Update 161
- JDK 7 Update 151
- JDK 8 Update 144
- JDK 9
- JRE 6 Update 161
- JRE 7 Update 151
- JRE 8 Update 144
- JRE 9
- Oracle Java SE Embedded 8 Update 144
- Oracle JRockit R28.3.15
����
- Cosminexus Developer's Kit for Java(TM)
- Hitachi Application Server
- Hitachi Application Server for Developers
- Hitachi Developer's Kit for Java
- uCosminexus Application Server
- uCosminexus Application Server (64)
- uCosminexus Application Server Standard-R
- uCosminexus Application Server Enterprise
- uCosminexus Application Server Standard
- uCosminexus Client
- uCosminexus Developer
- uCosminexus Developer Professional
- uCosminexus Developer Standard
- uCosminexus Service Architect
- uCosminexus Service Platform
- uCosminexus Service Platform (64)
|
�{�Ǝ㐫�̉e�����鐻�i�̏ڍׂɂ��ẮA�x���_���юQ�l�������m�F���������B
|
|
�����[�g�̍U���҂ɂ��A�T�[�r�X�^�p�W�Q (DoS) �U�����s����\��������܂��B
|
|
�x���_��萳���ȑ��J����Ă��܂��B�x���_�����Q�Ƃ��ēK�ȑ�����{���Ă��������B
|
|
�I���N��
����
�x�m��
|
|
- ���s��(CWE-noinfo) [NVD�]��]
|
|
- CVE-2017-10281
|
|
- National Vulnerability Database (NVD) : CVE-2017-10281
- IPA �d�v�ȃZ�L�����e�B��� : Oracle Java �̐Ǝ㐫��ɂ���(CVE-2017-10346��)
- JPCERT ���ӊ��N : JPCERT-AT-2017-0041
|
|
- [2017�N10��27��]
�f��
[2017�N10��30��]
�e������V�X�e���F�x���_���̒lj��ɔ������e���X�V
�x���_���F���� (hitachi-sec-2017-131) ��lj�
|
