Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
[SE-2012-01] New Reflection API affected by a known 10+ years old attack
Jul 18 2013 04:50AM
Security Explorations (contact security-explorations com)
We discovered yet another indication that new Reflection API introduced
into Java SE 7 was not a subject to a thorough security review (if any).
A new vulnerability (Issue 69) that was submitted to Oracle today makes
it possible to implement a very classic attack against Java VM. What'...
[ more ]
Copyright 2010, SecurityFocus