---

CVE-2017-10107 - log back

CVE-2017-10107 created at 25 Sep 2019 19:31:40
Severity	+ Critical
Remote	+ Remote
Type	+ Access restriction bypass
Description	+ It was discovered that the implementation of the ActivationID class in the RMI component of OpenJDK failed to properly perform access control checks. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions.
References	+ http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/97ea41335486
Notes