A security researcher has published technical details and attack code for dozens of security flaws claimed to affect Oracle’s Java Cloud Service, including some that could allow an attacker to remotely attack apps hosted in its data centers. Security Explorations, a Poland-based company headed up by Java security specialist Adam Gowdiak, has spilled the beans on 30 flaws it says affect customers of Oracle’s Java Cloud at its US and EMEA region datacentres.
Two Takes
View TECHi Stance
Researchers expose vulnerabilities in Oracle’s Java Cloud Service
Arstechnica
View all Arstechnica Two Takes by TECHi
Read the original story
Published April 3, 2014
TECHi's Take
Researchers have released technical details and attack code for 30 security issues affecting Oracle’s Java Cloud Service. Some of the issues make it possible for attackers to read or modify users’ sensitive data or to execute malicious code, the researchers warned. Poland-based Security Explorations typically withholds such public airings until after any vulnerabilities have been fixed to prevent them from being exploited maliciously. The researchers broke from that tradition this week after Oracle representatives failed to resolve issues including bypasses of the Java security sandbox, bypasses of Java whitelisting rules, the use of shared WebLogic server administrator passwords, and the availability of plain-text use passwords stored in some systems.
NOTE: TECHi Two-Takes are the stories we have chosen from the web along with a little bit of our opinion in a paragraph. Please check the original story in the Source Button below.
Balanced Perspective
TECHi weighs both sides before reaching a conclusion.
TECHi’s editorial take above outlines the reasoning that supports this position.
More Two Takes from Arstechnica
The strongest net neutrality rules that the United States has ever seen were approved by the FCC in a highly-anticipated…
It's been almost a year and a half since it was revealed that the NSA installed backdoors into several common cryptography…
Regardless of how you feel about 4chan, you can't deny how important the website has been in making the internet what…
T-Mobile may be an “Un-carrier” but it’s not a charity, it’s here to make money. So while its new Data Stash…