This week's book giveaway is in the OCMJEA forum.
We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line!
See this thread for details.
The moose likes Security and the fly likes What are some of the most exploited security holes in java world? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCM Java EE 6 Enterprise Architect Exam Guide this week in the OCMJEA forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "What are some of the most exploited security holes in java world?" Watch "What are some of the most exploited security holes in java world?" New topic
Author

What are some of the most exploited security holes in java world?

meenakshi sundar
Greenhorn

Joined: Jun 10, 2008
Posts: 13
.
David Svoboda
Author
Greenhorn

Joined: Oct 21, 2013
Posts: 13
    
    5

At this point the most widely exploited holes seem to be in Java's web browser plugin. They allow attackers to escape Java's security sandbox and run web apps with the same privileges that the browser uses. Java code that does not use Java's SecurityManager are (usually) not vulnerable to these exploits.


I blogged about this issue earlier this year.


[Java Coding Guidelines] and [The CERT Oracle Secure Coding Standard for Java ] are from the [CERT Secure Coding Initiative]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: What are some of the most exploited security holes in java world?