Java Unserialize Remote Code Execution Vulnerability
2016年10月5日
危険度: 緊急
概要
There is an unknown Java unserialization vulnerability in third-party Java libraries that could be used to remotely exploit Java based web applications. Serialization is a process in which an object is converted to a stream of bytes in order to store or transmit that object to memory or a file. The process in which serialized data is extracted is called unserialization and it can lead to major security issues if not handled properly.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1007185