Re: So whats up with the 11.2 java security hole?

From: John Hurley <>
Date: Tue, 9 Feb 2010 11:25:37 -0800 (PST)
Message-ID: <>

On Feb 8, 10:52 am, "Vladimir M. Zakharychev" <> wrote:


> Well, the weekend's over, been 4 (if I didn't miscalculate) days since
> disclosure and guess what - no alert from Oracle still. Neither public
> at, nor
> paying-customer-only at MOS, nor on their security blogs... Even a
> simple acknowledgment that they are aware and are working on a fix
> would do at this point... Do they think that if they just ignore the
> threat it will eventually go away? Or are they too busy rebranding Sun
> sites and cleaning up after CVE-2010-0073? (this one's a nice BEA
> heritage, full-fledged user-friendly backdoor, even no need to compose
> and inject shellcode to instantiate one of your own...)
> [/rant]

Well the web logic alert is out now ... so maybe Oracle corp is about ready to get this one out next ... maybe. Received on Tue Feb 09 2010 - 13:25:37 CST

Original text of this message