Oracle Corporation Information for VU#576313

Apache Commons Collections Java library insecurely deserializes data

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Oracle has released a security advisory at the URL below:

Vendor References

http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html?elq_mid=31793&sh=&cmid=WWSU12091612MPP001C179

https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.