luni, 14 ianuarie 2013

Java 7 fails to restrict access to privileged code

Java 7 Update 10 and earlier versions of Java 7 contain a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

What can happen?

A user to visit a specially crafted HTML document allow a remote attacker may be able to execute arbitrary code on a vulnerable system.

Read the article here.