View Single Post
  #1   (View Single Post)  
Old 27th February 2013
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default New holes discovered in latest Java versions

From http://h-online.com/-1810990

Quote:
Security Explorations has informed Oracle of two new vulnerabilities in Java, "issue 54" and "issue 55", which it says can be combined to completely bypass Java's sandbox security. Adam Gowdiak, researcher at Security Explorations, told Softpedia that the problems are specific to Java 7 SE versions, and allow abuse of the Reflection API in Java, "in a particularly interesting way".

[snip]

Java security flaws have been making the headlines recently, especially after companies including Twitter, Apple, Microsoft and Facebook found attackers had, using Java flaws, hijacked iPhoneDevSDK forums to deliver malware to employee laptops.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote