Oracle Java SE and JRockit CVE-2018-2815 Remote Security Vulnerability
BID:103848
CVE-2018-2815 |Info
Oracle Java SE and JRockit CVE-2018-2815 Remote Security Vulnerability
| Bugtraq ID: | 103848 |
| Class: | Unknown |
| CVE: |
CVE-2018-2815 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 17 2018 12:00AM |
| Updated: | Apr 30 2018 10:00AM |
| Credit: | Apostolos Giannakidis of Waratek |
| Vulnerable: |
Oracle JRockit R28.3.17 Oracle JRE(Windows Production Release) 1.8 Update 162 Oracle JRE(Windows Production Release) 1.8 Update 161 Oracle JRE(Windows Production Release) 1.7 Update 171 Oracle JRE(Windows Production Release) 1.6 Update 181 Oracle JRE(Windows Production Release) 10.0.1 Oracle JRE(Solaris Production Release) 1.8 Update 162 Oracle JRE(Solaris Production Release) 1.8 Update 161 Oracle JRE(Solaris Production Release) 1.7 Update 171 Oracle JRE(Solaris Production Release) 1.6 Update 181 Oracle JRE(Solaris Production Release) 10.0.1 Oracle JRE(Linux Production Release) 1.8 Update 162 Oracle JRE(Linux Production Release) 1.8 Update 161 Oracle JRE(Linux Production Release) 1.7 Update 171 Oracle JRE(Linux Production Release) 1.6 Update 181 Oracle JRE(Linux Production Release) 10.0.1 Oracle JDK(Windows Production Release) 1.8 Update 162 Oracle JDK(Windows Production Release) 1.8 Update 161 Oracle JDK(Windows Production Release) 1.7 Update 171 Oracle JDK(Windows Production Release) 1.6 Update 181 Oracle JDK(Windows Production Release) 10.0.1 Oracle JDK(Solaris Production Release) 1.8 Update 162 Oracle JDK(Solaris Production Release) 1.8 Update 161 Oracle JDK(Solaris Production Release) 1.7 Update 171 Oracle JDK(Solaris Production Release) 1.6 Update 181 Oracle JDK(Solaris Production Release) 10.0.1 Oracle JDK(Linux Production Release) 1.8 Update 162 Oracle JDK(Linux Production Release) 1.8 Update 161 Oracle JDK(Linux Production Release) 1.7 Update 171 Oracle JDK(Linux Production Release) 1.6 Update 181 Oracle JDK(Linux Production Release) 10.0.1 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 |
| Not Vulnerable: | |
Discussion
Oracle Java SE and JRockit CVE-2018-2815 Remote Security Vulnerability
Oracle Java SE and JRockit are prone to a remote security vulnerability.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Serialization' component.
This vulnerability affects the following supported versions:
Java SE: 6u181, 7u171, 8u162, 10; Java SE Embedded: 8u161; JRockit: R28.3.17
Oracle Java SE and JRockit are prone to a remote security vulnerability.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Serialization' component.
This vulnerability affects the following supported versions:
Java SE: 6u181, 7u171, 8u162, 10; Java SE Embedded: 8u161; JRockit: R28.3.17
Exploit / POC
Solution / Fix
Oracle Java SE and JRockit CVE-2018-2815 Remote Security Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.