Oracle will be required to provide users with a mechanism to uninstall older and vulnerable versions of Java, following a settlement with the Federal Trade Commission.
Tag Archives: Java vulnerabilities
Custom Google App Engine Tweak Still Leads to Java Sandbox Escapes
Researchers at Security Explorations say a change implemented by Google to the Java security model as its implemented in the Google App Engine leads to sandbox escapes.
Java Reflection API Woes Resurface in Latest Oracle Patches
Oracle’s Critical Patch update addresses 154 vulnerabilities, many of which are remotely exploitable. Security Explorations of Poland, meanwhile, published details on a number of Java flaws in the Java Reflection API.