Asymmetric denial of service - ReDoS In java-1.6.0-openjdk
Description
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that com.sun.corba.se and its sub-packages are not included on the restricted package list.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 rpm rhel5 | 1:1.6.0.0-3.1.13.1.el5_10 | ||
rpm rhel5 | 1:1.7.0.51-2.4.4.1.el5_10 | ||
rpm rhel6 | 1:1.6.0.0-3.1.13.1.el6_5 | ||
rpm rhel6 | 1:1.7.0.51-2.4.4.1.el6_5 |
Aliases
1. 2. 3.