1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Java flaw re-emerges due to broken patch

Discussion in 'CSO' started by RSS, Mar 11, 2016.

  1. RSS

    RSS New Member Member

    A patch for a critical Java flaw released by Oracle in 2013 is ineffective and can be easily bypassed, security researchers warn. This makes the vulnerability exploitable again, paving the way for attacks against PCs and servers running the latest versions of Java.

    The flaw, tracked as CVE-2013-5838 in the Common Vulnerabilities and Exposures (CVE) database, was rated by Oracle 9.3 out of 10 using the Common Vulnerability Scoring System (CVSS). It can be exploited remotely, without authentication, to completely compromise a system's confidentiality, integrity and availability.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page