vulnerability
Oracle Solaris 11: CVE-2017-5645: Vulnerability in Apache Ant
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | 2017-04-17 | 2021-01-19 | 2022-02-17 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
2017-04-17
Added
2021-01-19
Modified
2022-02-17
Description
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
Solution
oracle-solaris-11-4-upgrade-developer-build-ant-1-10-7-11-4-21-0-1-69-0
References
- BID-97702
- CVE-2017-5645
- https://attackerkb.com/topics/CVE-2017-5645
- REDHAT-RHSA-2017:1417
- REDHAT-RHSA-2017:1801
- REDHAT-RHSA-2017:1802
- REDHAT-RHSA-2017:2423
- REDHAT-RHSA-2017:2633
- REDHAT-RHSA-2017:2635
- REDHAT-RHSA-2017:2636
- REDHAT-RHSA-2017:2637
- REDHAT-RHSA-2017:2638
- REDHAT-RHSA-2017:2808
- REDHAT-RHSA-2017:2809
- REDHAT-RHSA-2017:2810
- REDHAT-RHSA-2017:2811
- REDHAT-RHSA-2017:2888
- REDHAT-RHSA-2017:2889
- REDHAT-RHSA-2017:3244
- REDHAT-RHSA-2017:3399
- REDHAT-RHSA-2017:3400
- REDHAT-RHSA-2019:1545
- URL-https://support.oracle.com/epmos/faces/DocumentDisplay?id=1448883.1&displayIndex=1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.