Oracle Java SE is vulnerable to privilege escalation vulnerability. The vulnerability exists in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE due to some unknown processing of the component JNDI. An unauthenticated attacker with network access via multiple protocols could compromise Java SE, Java SE Embedded, JRockit with the aid of human interaction from a person other than the attacker impacting confidentiality, integrity, and availability of the system.
www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
www.securityfocus.com/bid/105608
www.securitytracker.com/id/1041889
access.redhat.com/errata/RHSA-2018:2942
access.redhat.com/errata/RHSA-2018:2943
access.redhat.com/errata/RHSA-2018:3000
access.redhat.com/errata/RHSA-2018:3001
access.redhat.com/errata/RHSA-2018:3002
access.redhat.com/errata/RHSA-2018:3003
access.redhat.com/errata/RHSA-2018:3007
access.redhat.com/errata/RHSA-2018:3008
access.redhat.com/errata/RHSA-2018:3350
access.redhat.com/errata/RHSA-2018:3409
access.redhat.com/errata/RHSA-2018:3521
access.redhat.com/errata/RHSA-2018:3533
access.redhat.com/errata/RHSA-2018:3534
access.redhat.com/errata/RHSA-2018:3671
access.redhat.com/errata/RHSA-2018:3672
access.redhat.com/errata/RHSA-2018:3779
access.redhat.com/errata/RHSA-2018:3852
access.redhat.com/security/updates/classification/#important
lists.debian.org/debian-lts-announce/2018/11/msg00026.html
security.gentoo.org/glsa/201908-10
security.netapp.com/advisory/ntap-20181018-0001/
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03952en_us
usn.ubuntu.com/3804-1/
usn.ubuntu.com/3824-1/
www.debian.org/security/2018/dsa-4326