Intrusion Prevention

Oracle.Java.SE.OCSP.nextUpdate.Replay.Attack

Description

This indicates an attack attempt to exploit a Replay Attack vulnerability in Oracle Java SE.
The vulnerability is due to an error in the application when handling a maliciously crafted request. A remote attacker may be able exploit this to bypass security features in the vulnerable application via crafted packets.

Affected Products

Oracle Java SE 6u95 and prior
Oracle Java SE 7u80 and prior
Oracle Java SE 8u45 and prior
Oracle Java SE Embedded 7u75 and prior
Oracle Java SE Embedded 8u33 and prior
Oracle JRockit R28.3.6 and prior

Impact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA

CVE References

CVE-2015-4748