Current versions of IBM SDK 7 and SDK 8 remain vulnerable to a 2013 Java vulnerability. Security Explorations discovered that the original patch is broken and disclosed details of the flaw along with a proof-of-concept exploit.
Tag Archives: Java Patch
Emergency Java Patch Re-Issued for 2013 Vulnerability
Oracle yesterday released an emergency patch for a Java vulnerability that was improperly patched in 2013.
Broken 2013 Java Patch Leads to Sandbox Bypass
A patch for a critical 2013 Java vulnerability is incomplete and exposes Java servers and clients to a sandbox bypass, researchers at Security Explorations of Poland said.
Critical Java Bug Extends to Oracle, IBM Middleware
Researchers have built proof-of-concept exploits for an unpatched unserialize vulnerability in Apache Commons Collections, a library used in most Java rollouts.