Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: New vulnerability found in Java 7u15 plugin - 2013-02-25

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Oracle Corporation
And, this specific program:
Oracle Java JRE 1.7.x / 7.x

This thread has been marked as locked.
ve2mrx New vulnerability found in Java 7u15 plugin - 2013-02-25
Member 26th Feb, 2013 05:16
Ranking: -1
Posts: 22
User Since: 16th Feb, 2008
System Score: 99%
Location: Montreal, CA
Firefox just disabled the Java 7 update 15 plugin (PC, x86 for me) .

Here is Mozilla's "Bug" report where the decision was taken:
https://bugzilla.mozilla.org/show_bug.cgi?id=84337...

Not flagged by PSI yet.

Hard info not easy to find as everything seems related to the bugs FIXED in Java 7u15, instead of the bugs IN Java 7u15.

I could not find any related info on Oracle's web site. I expect the info to appear, when available, there:
http://www.oracle.com/technetwork/topics/security/...

Look for "View the most recent Critical Patch Update Advisory".

I'm waiting for more info. Until then, those using Firefox will see the plugin blocked.

Martin
Montreal, QC, Canada

mogs RE: New vulnerability found in Java 7u15 plugin - 2013-02-25
Expert Contributor 26th Feb, 2013 08:54
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
There's some info here :-
February 25th, 2013, 09:52 GMT By Eduard Kovacs
Zero-Day Vulnerability Affecting Java 7 Update 15 and Earlier Versions Identified


Researchers from Polish firm Security Explorations have identified another serious vulnerability in Java 7. The experts say Java SE 7 Update 15 and all earlier versions are affected.

http://news.softpedia.com/news/Zero-Day-Vulnerabil...


--
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability