Security Research shows 30 technical details along with exploit code in oracle’s Java Cloud. Some of these exploits allows to modify user’s data and even execute malacious codes.
Poland-based Security Explorations typically withholds such public airings until after any vulnerabilities have been fixed to prevent them from being exploited maliciously.
The researchers broke from that tradition this week after Oracle representatives failed to resolve issues including bypasses of the Java security sandbox, bypasses of Java whitelisting rules, the use of shared WebLogic server administrator passwords, and the availability of plain-text use passwords stored in some systems.
Oracle unveiled the Java Cloud Service in 2011 and held it up as a way to better compete against Salesforce.com
View full post on Who Got Hacked – Latest Hacking News and Security Updates