Forum Thread: New vulnerability found in Java 7u15 plugin - 2013-02-25

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Oracle Corporation
And, this specific program:
Oracle Java JRE 1.7.x / 7.x

This thread has been marked as locked.
ve2mrx New vulnerability found in Java 7u15 plugin - 2013-02-25
Member 26th Feb, 2013 05:16
Ranking: -1
Posts: 22
User Since: 16th Feb, 2008
System Score: 99%
Location: Montreal, CA
Firefox just disabled the Java 7 update 15 plugin (PC, x86 for me) .

Here is Mozilla's "Bug" report where the decision was taken:
https://bugzilla.mozilla.org/show_bug.cgi?id=84337...

Not flagged by PSI yet.

Hard info not easy to find as everything seems related to the bugs FIXED in Java 7u15, instead of the bugs IN Java 7u15.

I could not find any related info on Oracle's web site. I expect the info to appear, when available, there:
http://www.oracle.com/technetwork/topics/security/...

Look for "View the most recent Critical Patch Update Advisory".

I'm waiting for more info. Until then, those using Firefox will see the plugin blocked.

Martin
Montreal, QC, Canada

mogs RE: New vulnerability found in Java 7u15 plugin - 2013-02-25
Expert Contributor 26th Feb, 2013 08:54
Score: 2265
Posts: 6,269
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
There's some info here :-
February 25th, 2013, 09:52 GMT By Eduard Kovacs
Zero-Day Vulnerability Affecting Java 7 Update 15 and Earlier Versions Identified


Researchers from Polish firm Security Explorations have identified another serious vulnerability in Java 7. The experts say Java SE 7 Update 15 and all earlier versions are affected.

http://news.softpedia.com/news/Zero-Day-Vulnerabil...


--
Was this reply relevant?
+0
-0

This thread has been marked as locked.