Sandbox Restrictions Bypass

blog.fireeye.com/research/2013/01/happy-new-year-from-new-java-zero-day.html

blog.fuseyism.com/index.php/2013/01/15/security-icedtea-2-1-4-2-2-4-2-3-4-released/

icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.4/NEWS

immunityproducts.blogspot.ca/2013/01/confirmed-java-only-fixed-one-of-two.html

krebsonsecurity.com/2013/01/zero-day-java-exploit-debuts-in-crimeware/

labs.alienvault.com/labs/index.php/2013/new-year-new-java-zeroday/

lists.opensuse.org/opensuse-security-announce/2013-01/msg00025.html

malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html

rhn.redhat.com/errata/RHSA-2013-0156.html

rhn.redhat.com/errata/RHSA-2013-0165.html

seclists.org/bugtraq/2013/Jan/48

www.kb.cert.org/vuls/id/625617

www.mandriva.com/security/advisories?name=MDVSA-2013:095

www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html

www.ubuntu.com/usn/USN-1693-1

www.us-cert.gov/cas/techalerts/TA13-010A.html

access.redhat.com/security/updates/classification/#important

partners.immunityinc.com/idocs/Java%20MBeanInstantiator.findClass%200day%20Analysis.pdf

rhn.redhat.com/errata/RHSA-2013-0165.html

threatpost.com/en_us/blogs/nasty-new-java-zero-day-found-exploit-kits-already-have-it-011013

wiki.mageia.org/en/Support/Advisories/MGASA-2013-0018

www-304.ibm.com/connections/blogs/PSIRT/entry/oracle_java_7_security_manager_bypass_vulnerability_cve_2013_04224?lang=en_us