Linux News
The world is talking about GNU/Linux and Free/Open Source Software

Critical Java vulnerability made possible by earlier incomplete patch

Posted by BernardSwiss on Jan 12, 2013 5:05 PM EDT
Ars Technica; By Dan Goodin

The critical Java vulnerability that is currently under attack was made possible by an incomplete patch Oracle developers issued last year to fix an earlier security bug, a researcher said.

According to Gowdiak, the latest vulnerability is a holdover from a bug (referred to here as Issue 32) that Security Explorations researchers reported to Oracle in late August. Oracle released a patch for the issue in October but it was incomplete, he said in an e-mail to Ars that was later published to the Bugtraq mailing list.

Full Story

Nav

» Read more about: Story Type: News Story, Security; Groups: Oracle

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.

Linux News
The world is talking about GNU/Linux and Free/Open Source Software

Login

Today's Big Story

LXer Features

Have something to say?

Latest Discussions

Site Menu

Other News

Critical Java vulnerability made possible by earlier incomplete patch

Linux NewsThe world is talking about GNU/Linux and Free/Open Source Software

Login

Today's Big Story

LXer Features

Have something to say?

Latest Discussions

Site Menu

Other News

Critical Java vulnerability made possible by earlier incomplete patch

Linux News
The world is talking about GNU/Linux and Free/Open Source Software