By Eduard Kovacs on April 05, 2016
A patch released by IBM in 2013 for a Java sandbox escape vulnerability can be easily bypassed, according to the security firm that discovered and reported the issue.
In 2012 and 2013, as part of its Java SE security research project, Poland-based Security Explorations found more than 70 vulnerabilities in Oracle and IBM Java implementations.
The vendors released patches for most of the vulnerabilities over the next months, but Security Explorations has noticed that some of the fixes released by IBM and Oracle could be easily bypassed.
Full Article
Researchers Bypass Patch for Old IBM Java Flaw
Userlevel 7
+54
Userlevel 7
Anything that affects Java is a complete minefield and the last thing we need is more of such vulnerabilities...the miscreants favourite exploit vector at one stage. :(
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.