The Java vulnerability is mentioned at  today.  However, nobody will know what it is talking about a ...
samiux 發表於 2013-1-12 16:56



    they are not the same as yours, that vulnerability will just affect 1.7-1.7.9 jre, which of cuz includes linux machines

TOP

本帖最後由 muteki 於 2013-1-12 18:27 編輯
they are not the same as yours, that vulnerability will just affect 1.7-1.7.9 jre

Actually I don't think that's necessarily true.  What they are describing is the vulnerability demonstrated by Blackhole and Nuclear Pack which affects more than one specific version (Java 7 update 10 is included).  Feel free to look at the references links and the actual CVE (CVE-2013-0422), you will see lot more details there.

TOP

Actually I don't think that's necessarily true.  What they are describing is the vulnerability demo ...
muteki 發表於 2013-1-12 18:25


Thank you.

For further information, you can refer to this reference.

Samiux

TOP

本帖最後由 CamEL_ 於 2013-1-14 04:51 編輯

FYI, Oracle jre 1.7.0.11 released, but seem just raised applets security level from Normal to High

TOP

Please refer to my test result on Java 7 Update 11 at "Security Discussions" of Ubuntu Forums.

Please also refer to my test result on Java 7 Update 10 at "Security Discussions" of Ubuntu Forums.

Samiux

TOP

Further to my previous message about Java 7 Update 10 vulnerability.

Oracle has released the Java 7 Update 11 and claimed that the vulnerabilities have been fixed.  However, the 0day vulnerability has not been fixed according to some information.  Please read this link for more details : http://krebsonsecurity.com/2013/ ... hes-5000-per-buyer/

For Windows, Mac OSX and Linux users who has been updated to Java 7 Update 11 or not yet applied the patch, please disable the plugin from your browser.  If any website that requires the Java plugin, such as HK Government sites and some banking sites, you must disable the plugin after use.

For Ubuntu users who has been updated to Java 7 Update 11, you can apply the Apparmor to increase the security of the Firefox.  For the users that do not apply the patch, Firefox will disable the plugin by default.  For implement of Apparmor for Firefox, please read this link : http://samiux.blogspot.hk/2012/0 ... efox-on-ubuntu.html

Samiux

TOP

Hi all,

This link is my finding on the Java vulnerability plugin.

Samiux

TOP

自己超過十年以上從來唔裝 java, 句號.

用唔到既野算。

TOP