As a result, two new security vulnerabilities were spotted in a recent version of Java SE 7 code and they were reported to Oracle today (along with a working Proof of Concept code). ![]() However, instead of relying on this particular bug, we have decided to dig our own issues. MBeanInstantiator bug (or rather a lack of a fix for it) turned out to be quite inspirational for us. We have successfully confirmed that a complete Java security sandbox bypass can be still gained under the recent version of Java 7 Update 11. Last Friday, Adam Gowdiak, CEO of Security Explorations, reported yet another series of problems with the latest version of Java: By the next day, exploits started appearing that took advantage of the Update 11 code. No doubt you've heard the news: Oracle released Java 7, Update 11 on Jan.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |