Slashdot Mirror


Emergency Workaround For Oracle 0-Day

Almost Live writes "Oracle has released an out-of-cycle alert to offer mitigation for a zero-day exploit that's been posted on the Internet. The emergency workaround addresses an unpatched remote buffer overflow that's remotely exploitable without the need for a username and password, and can result in compromising the confidentiality, integrity, and availability of the targeted system." Whoever published the vulnerability and matching exploit code did not contact Oracle first.

3 of 152 comments (clear)

  1. I forgot by Anonymous Coward · · Score: -1, Redundant

    I forgot to let Oracle know first. Forgive me.

  2. Re:Another victim of C/C++ lack of array safety by SpazmodeusG · · Score: 0, Redundant

    Actually a better example of C/C++ knowing the size of the arrays would of been the sizeof() operator. Anyway the point still stands, C/C++ intentionally don't test array bounds.

  3. mod 0p by Anonymous Coward · · Score: -1, Redundant

    most people intO a