Emergency Workaround For Oracle 0-Day
Almost Live writes "Oracle has released an out-of-cycle alert to offer mitigation for a zero-day exploit that's been posted on the Internet. The emergency workaround addresses an unpatched remote buffer overflow that's remotely exploitable without the need for a username and password, and can result in compromising the confidentiality, integrity, and availability of the targeted system." Whoever published the vulnerability and matching exploit code did not contact Oracle first.
I forgot to let Oracle know first. Forgive me.
Actually a better example of C/C++ knowing the size of the arrays would of been the sizeof() operator. Anyway the point still stands, C/C++ intentionally don't test array bounds.
most people intO a