Saturday, March 18, 2017
Home / Security / Exploits / Five Zero-Day Vulnerabilities found in Java

Five Zero-Day Vulnerabilities found in Java

Java 0dayA week after revealing two Java exposures, a Polish security firm accounted for finding five more in the latest edition of Java. When used collectively, the new holes could bypass the technology’s sandbox in order to run malware on the targeted machine.

Security Explorations gave notice to Oracle Monday of the exposures in Java SE 7 Update 15. Along with details of the flaws, Security Explorations also supplied proof of concept code (POC).

The latest find came after Oracle declined one of the bugs Security Explorations reported Feb. 25. “It made us look into Java SE 7 code and its docs once again, gathering counterargument material,” Adam Gowdiak, chief executive of the company, said in a post on SecLists.org.

Oracle pushed Java SE 7 Update 15 on Feb. 19, bundling patches issued Feb. 1 in an emergency update fixing five additional flaws. The next regularly scheduled update is scheduled for April 16.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …