Broken IBM Java Patch Prompts Another Disclosure

Current versions of IBM SDK 7 and SDK 8 remain vulnerable to a 2013 Java vulnerability. Security Explorations discovered the original patch is broken and disclosed details on the flaw and a proof-of-concept exploit. Continue reading Broken IBM Java Patch Prompts Another Disclosure

Broken 2013 Java Patch Leads to Sandbox Bypass

A patch for a critical 2013 Java vulnerability is incomplete, and exposes Java servers and clients to a sandbox bypass, researchers at Security Explorations of Poland said. Continue reading Broken 2013 Java Patch Leads to Sandbox Bypass