On Oct 16, 2012, Oracle corporation released Java SE Critical Patch Update, which incorporated fixes for 19 security issues that Security Explorations reported to the company earlier this year. This included a fix for a serious issue found shortly after the out-of-band patch was released by Oracle on Aug 30, 2012. This is yet another update to the saga of SE-2012-01.
6b5435fb50ec423d0d75cecaf2ec4e9f387a00115a379abfa7af4f7c3ac321d8Security Explorations has announced that they have discovered yet another sandbox bypass of Oracle Java and have reported little in the way of details until the vendor fixes the issue. It currently affects all versions of Java. It's probably best to just keep Java off in your browser for now.
37fdc8d80a0b4d0df3960ac7a955595a2cb6e9d1152e90d378fc9a7f71ec1745Security Explorations discovered multiple security vulnerabilities in IBM SDK, Java Technology Edition software. This is IBM's implementation of Java SE technology for AIX, Linux, z/OS and IBMi platforms. Among a total of 17 security weaknesses found, there are issues that can lead to the complete compromise of a target IBM Java environment.
867ac9eef17a67029d0c83a32794fd6f14dae99bbb8a7705e718b79b7bd50592Security Explorations does not agree with Apple's evaluation of a vulnerability they reported. They have decided to release proof of concept code to demonstrate a bypass vulnerability in Apple QuickTime Java extensions.
c2aeee9d3f479037cf3a1177e445be5a6068ad94532c3d4c68af96ada0b39421This is a presentation called Security Vulnerabilities of Digital Video Broadcast Chipsets. It is from a talk given at the Hack In The Box security conference in Amsterdam in 2012.
b5085e8431fb1a7e2bbeb1de39c969addc0919c9cb22fbe8c72602adfcfcf41bThis is a presentation called Security Threats in the World of Digital Satellite Television. It is from a talk given at the Hack In The Box security conference in Amsterdam in 2012.
61103d4ce9bcf58777deab4ee4ff4c33b39828de0f9c1efaefc51fa159e8fffcSecurity Explorations found 19 weaknesses in Java SE security that can allow for sandbox bypass.
4661663296ec5c8cd7a92c27196e3d31e5a2e1f0580d5ae12fa10ebb2109f69bBypass and malicious action vulnerabilities exist in the Java mobile technology as included with the Sun Wireless Toolkit version 2.5.2.
1f505dac18beb6e9fd267b8cde6249cf62d99f115a9f5cdcfafc12ac67f5ef59Two very serious security vulnerabilities in Java technology for mobile devices (Java 2 Micro Edition) affects about 250 million mobile phones coming from Nokia, Siemens, Panasonic, Samsung, Motorola and others. Sun has refused to release an alert regarding these issues. Information about these flaws has been published at Hack In the Box Security Conference earlier this month in Kuala Lumpur, Malaysia.
b5205c34f95361edb616b9b5160c4caade01ca0f30aebdbc019a5cfb22606cd6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed