Subversion
Written by: Lorna Jane Mitchell
Featured Refcardz: Top Refcardz:
  1. Git
  2. DNS
  3. Data Mining
  4. Spring Data
  5. Subversion
  1. Spring Data
  2. Subversion
  3. Spring Config.
  4. Spring Annotations
  5. Data Mining
150+ Refcardz Available · Get them all

Link Details

Previous | Next

Surprise Me!

Link 934099 thumbnail
User 448255 avatar

By dotCore
via threatpost.com
Published: Mar 06 2013 / 08:12

Prompted by Oracle Rejection, Researcher Finds Five New Java Sandbox Vulnerabilities
Giving a prolific bug hunter an excuse to go poking deeper into a potential security issue generally doesn’t end well or the vendor in question—in this case Oracle. Polish security firm Security Explorations, noteworthy for its Java security research, said today it reported five new vulnerabilities in Java SE 7 to Oracle. If combined, researcher Adam Gowdiak said, they can be used to gain a complete bypass of the Java sandbox.
Vote up
Vote down
  • 8
  • 0
  • 586
  • 865
SaveShareSend Tags: , , ,

Comments

Add your comment
User 161039 avatar

mheath replied ago:

1 votes Vote down Vote up Reply

"Giving a prolific bug hunter an excuse to go poking deeper into a potential security issue generally doesn’t end well or the vendor in question." How does this not end well? In the end, 5 problems were found and now they can be fixed. You can't fix a problem that you don't know about. In the end, this is good for the vendor because they're product will be better. In the short term, it's not good because of the bad publicity.

Add your comment


Html tags not supported. Reply is editable for 5 minutes. Use [code lang="java|ruby|sql|css|xml"][/code] to post code snippets.

Voters For This Link (8)



Voters Against This Link (0)