This is the second one in a week, See Also - Researchers Bypass Patch for Old IBM Java Flaw
By Eduard Kovacs on April 13, 2016
Researchers have identified another IBM Java patch that can be easily bypassed and claim the vendor failed to properly analyze the vulnerability they reported back in 2013.
In 2012 and 2013, as part of its Java SE research project, Security Explorations discovered more than 70 vulnerabilities in the Java implementations of Oracle and IBM. Patches have been released for most of the issues, but an analysis conducted by the research firm has revealed that some of the fixes don’t address the root cause of the flaws.
In a post published on Monday on the Full Disclosure mailing list, Security Explorations founder and CEO Adam Gowdiak reported that IBM’s fix for CVE-2013-5456, dubbed “issue 70,” is not efficient.
Full Article
Another IBM Java Patch Bypassed by Researchers
Userlevel 7
+54
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.