« IIS6.0 WebDav Unicode Remote Auth Bypass | Main | SamuraiWTF live web testing framework 0.6 released »

Java Flaw still not fixed in Mac OS X

"According to Julien Tinnes in the CR0 Blog, it appears that Apple's recent security update failed to fix a Java flaw that was reported to Sun back in August 2008 and patched by Sun way back in December 2008.  The upshot: according to the blog (and I've yet to be able to independently confirm it) any browser on OSX that uses the Apple-supplied version of Java is vulnerable to remote exploitation against a class of flaws known as Java deserialization vulnerabilities."

Read more: http://isc.sans.org/diary.html?storyid=6418


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!