Re: So whats up with the 11.2 java security hole?

From: Vladimir M. Zakharychev <vladimir.zakharychev_at_gmail.com>
Date: Mon, 8 Feb 2010 07:52:14 -0800 (PST)
Message-ID: <08aa1821-1587-4607-9471-497b78a50cfe_at_h2g2000yqj.googlegroups.com>

On Feb 7, 2:47�am, John Hurley <johnbhur..._at_sbcglobal.net> wrote:
> Based on David Litchfield ...
>
> http://www.computerworld.com/s/article/9151318/Black_Hat_Zero_day_hac...

[rant]
Well, the weekend's over, been 4 (if I didn't miscalculate) days since disclosure and guess what - no alert from Oracle still. Neither public at http://www.oracle.com/technology/deploy/security/alerts.htm, nor paying-customer-only at MOS, nor on their security blogs... Even a simple acknowledgment that they are aware and are working on a fix would do at this point... Do they think that if they just ignore the threat it will eventually go away? Or are they too busy rebranding Sun sites and cleaning up after CVE-2010-0073? (this one's a nice BEA heritage, full-fledged user-friendly backdoor, even no need to compose and inject shellcode to instantiate one of your own...) [/rant]

Regards,
  Vladimir M. Zakharychev
  N-Networks, makers of Dynamic PSP(tm)
  http://www.dynamicpsp.com Received on Mon Feb 08 2010 - 09:52:14 CST

This message: [ Message body ]
Next message: gs: "rant - does oracle know how to design a website?"
Previous message: Johne_uk: "Re: Physical Standby Database and v$Recover_file Query"
In reply to: John Hurley: "So whats up with the 11.2 java security hole?"
Next in thread: John Hurley: "Re: So whats up with the 11.2 java security hole?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message