Java vulnerability

Oracle appears to have fixed the vulnerability on Saturday.  To be fair Oracle got this fixed pretty fast.

The specific problem appears to have been located specifically with the MBeanInstantiator

Oracle has reported on their fix:

The glitch is only in the JDK7 version of the software, and it "does not affect Java applications directly installed and running on servers, desktops, laptops and other devices," the company said.

What was the security hack and where do you get the information about these kinds of security hits? From the National Vulnerability Database! 

 

The Specific Alert was shown at the following location:

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0422

With specifics shown at the site: https://www.kb.cert.org/vuls/id/625617

This article was written for students taking the CS 332C class.  Reading these articles are optional readings that any software app developer should know about.