Trend Micro Security

Oracle Java SE JNDI Remote Code Execution Vulnerability (CVE-2014-0422)

  危険度: : 緊急
  CVE識別番号: 2014-0422

  概要

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI.

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1005899
  Trend Micro Deep Security DPI Rule Name: 1005899 - Oracle Java SE JNDI Remote Code Execution Vulnerability (CVE-2014-0422)

  影響を受けるソフトウェア

  • oracle jdk 1.5.0
  • oracle jdk 1.6.0
  • oracle jdk 1.7.0
  • oracle jre 1.5.0
  • oracle jre 1.6.0
  • oracle jre 1.7.0