EUVD-2001-0989

Malware in sbrugna...

Security update for icedtea-web (important)

The icedtea-web java plugin was updated to 1.6.1. Changes included: Enabled Entry-Point attribute check permissions sandbox and signed app and unsigned app with permissions all-permissions now run in sandbox instead of not at all. fixed DownloadService comments in deployment.properties now should...

October 2013 Oracle Java Critical Patch Update

On Tuesday, for the first time, Java security updates were included with the quarterly Oracle Critical Patch Update – and just as quickly, Java wasted no time elevating itself as the top concern for Oracle admins and security experts. Of the 51 Java patches released, 50 allow for remote code...

Oracle Sun Java fails to properly validate Java applet signatures

Overview Oracle Sun Java fails to properly validate Java applet signatures, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Signed Java applets have the ability to perform actions outside of the traditional Java sandbox, including...