Oracle will be required to provide users with a mechanism to uninstall older and vulnerable versions of Java, following a settlement with the Federal Trade Commission.
Tag Archives: oracle security
Custom Google App Engine Tweak Still Leads to Java Sandbox Escapes
Researchers at Security Explorations say a change implemented by Google to the Java security model as its implemented in the Google App Engine leads to sandbox escapes.
PeopleSoft Vulnerabilities Elevate ERP Security Issues
A dozen vulnerabilities, including three critical architectural issues, in PeopleSoft implementations were discussed this week at Hack in the Box, putting ERP security in the spotlight.
Oracle Patches VENOM Vulnerability
Oracle on Saturday released its patch for the VENOM vulnerability, a guest escape flaw that affects many virtualization platforms.
Oracle Patches Backdoor Vulnerability, Recommends Disabling SSL
Oracle’s January 2015 Critical Patch update includes a fix for a backdoor found in the Oracle E-Business Suite by researcher David Litchfield. The patch is among 169 released in the CPU.
Java Reflection API Woes Resurface in Latest Oracle Patches
Oracle’s Critical Patch update addresses 154 vulnerabilities, many of which are remotely exploitable. Security Explorations of Poland, meanwhile, published details on a number of Java flaws in the Java Reflection API.