2 matches found
Oracle Java SE Security Sandbox Escape (CVE-2013-5838; CVE-2016-0636)
A Java security sandbox escape vulnerability exists in Oracle Java SE, due to an input validation error. A remote attacker could entice a user running a browser which uses an affected Oracle Java SE release to visit a malicious web page that leverages this vulnerability. Successful exploitation c...
Sandbox-Bypass Exploits Hacks Java 7u21 Update
Optimism and praise followed last week’s Java critical patch update. Oracle not only patched 42 vulnerabilities in the Java browser plug-in, but also added new code-signing restrictions and new prompts warning users when applets are potentially malicious. It took less than a week, however, to...