days
0
1
hours
1
5
minutes
3
8
seconds
3
1
search
Java SE 6u20

Oracle Patch Ormandy’s Security Vulnerability

Jessica Thornsby

Oracle have released a patch for Java SE 6, which rectifies the vulnerability in Java Web Start.

The vulnerability was first identified by Tavis Ormandy, who filed a proof of concept earlier this week. A few days afterwards, AVG Technologies reported they had identified an attack server that was exploiting this vulnerability.

This patch, prevents a Java Network Launch Protocol file without a codebase parameter from working. It can be downloaded now.

Author
Comments
comments powered by Disqus