IcedTeaWeb: Multiple vulnerabilities

Background FOSS Java browser plugin and Web Start implementation. Description Multiple vulnerabilities have been discovered in IcedTeaWeb. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

Oracle to Kill Java Plugin

It’s the end of an era. Oracle has announced its intent to nail the coffin shut on the Java browser plugin. The company confirmed Wednesday that it expects to deprecate the plugin in JDK 9, slated for release in September, and JRE, in a future Java SE release. Dalibor Topic, a member of Oracle’s...

Two new Java zero-day vulnerabilities reported to Oracle

A Polish security firm 'Security Explorations' reported two new Java zero-day vulnerabilities, as “issue 54” and “issue 55,” with proof of concept code to Oracle. Oracle's security team is currently investigating the issue, but the status flaws not yet confirmed by Oracle. Less than a week after...

Mac OS X : Java for OS X 2012-004

The remote Mac OS X 10.7 host is running a version of Java for Mac OS X that is missing update 2012-004, which updates the Java version to 1.6.033. As such, it is affected by several security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code...