---

CVE-2017-10074 - log back

CVE-2017-10074 created at 25 Sep 2019 19:31:40
Severity	+ Critical
Remote	+ Remote
Type	+ Arbitrary code execution
Description	+ It was discovered that the Hotspot component of OpenJDK did not properly check for integer overflows when generating range check loop predicates. An untrusted Java application or applet could use this flaw to corrupt JVM memory and cause it to crash or, possibly, execute arbitrary code, bypassing Java sandbox restrictions.
References	+ http://hg.openjdk.java.net/jdk8u/jdk8u/hotspot/rev/37ba410ffd43
Notes