Oracle confirms existence of another critical Java flaw

By | September 11, 2012

Source: Help Net Security

In this article “When Oracle finally patched the CVE-2012-4681 Java 0-day that was being actively exploited in the wild, Polish firm Security Explorations immediately piped up to say they found a similar one that could very soon put Java users in danger again.
“The out-of-band patch released by Oracle yesterday, among other things fixed the exploitation vector with the use of SunToolkit class, the one we used in our proof of concept codes. This made many of them not working…Till today,” the company’s CEO Adam Gowdiak shared at the time.”

Leave a Reply