Link Details

Giving a prolific bug hunter an excuse to go poking deeper into a potential security issue generally doesn’t end well or the vendor in question—in this case Oracle. Polish security firm Security Explorations, noteworthy for its Java security research, said today it reported five new vulnerabilities in Java SE 7 to Oracle. If combined, researcher Adam Gowdiak said, they can be used to gain a complete bypass of the Java sandbox.

Posted by dotCore  |   Mar 06 2013 / 08:12

Add your comment


Html tags not supported. Reply is editable for 5 minutes. Use [code lang="java|ruby|sql|css|xml"][/code] to post code snippets.

Comments

User 161039 avatar

mheath replied ago:

"Giving a prolific bug hunter an excuse to go poking deeper into a potential security issue generally doesn’t end well or the vendor in question." How does this not end well? In the end, 5 problems were found and now they can be fixed. You can't fix a problem that you don't know about. In the end, this is good for the vendor because they're product will be better. In the short term, it's not good because of the bad publicity.

Reply 1 votes

Recommended Links

Scala
Written by: Ryan Knight
Featured Refcardz: Top Refcardz:
  1. Apache Hadoop
  2. Play
  3. Akka
  4. Debugging JavaScript
  5. Design Patterns
  1. Apache Hadoop
  2. REST
  3. Java
  4. Git
  5. Java Performance
Connect with DZone