Tuesday, May 25, 2010

Oracle Java SE and Java for Business 'MixerSequencer' Remote Code Execution Vulnerability

From SecurityFocus:

"Oracle Java SE and Java for Business are prone to a remote code-execution vulnerability affecting the 'Sound' component.

Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition."

Descritpion - http://www.securityfocus.com/bid/39077/discuss
PoC exploit code - http://www.securityfocus.com/bid/39077/exploit
List of affected versions - http://www.securityfocus.com/bid/39077/info

email: david @ sharpesecurity.com
website: www.sharpesecurity.com
Twitter: twitter.com/sharpesecurity

No comments:

Post a Comment