Posts Tagged ‘Oracle vulnerability’

Java DangerAccording to the statements of experts discovered vulnerability allows an attacker to bypass the sandbox Java.

Representatives of the Polish company Security Explorations announced the discovery of a new vulnerability in Java 7, which allows an attacker to bypass the sandbox software and execute arbitrary code on the system.

To confirm the presence of gaps Adam Gowdiak, CEO and founder of Security Explorations, sent a notice to the PoC-code vulnerability in Oracle. According to the researcher, the vulnerability is present in the Reflection API – functions in Java 7. In the Security Explorations confirmed that the PoC-exploit code works for Java SE 7 Update 25 and earlier versions. (more…)