CVE-2017-10116

Source
Severity High
Remote Yes
Type Privilege escalation
Description
It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers.
Group Package Affected Fixed Severity Status Ticket
AVG-380 jdk7-openjdk 7.u131_2.6.9-1 7.u151_2.6.11-1 Critical Fixed
Date Advisory Group Package Severity Description
12 Aug 2017 ASA-201708-8 AVG-380 jdk7-openjdk Critical multiple issues
References
http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/73dd1557f0ef