SSD Advisory – Oracle Java and Apache Xerces PDF/Docx Server Side DoS

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in Oracle Java JDK/JRE (1.8.0.131 and previous versions) packages and Apache Xerces (2.11.0) The vulnerabilities are: Oracle JDK/JRE Concurrency-Related Denial of Service java.net.URLConnection (with no setConnectTimeout) Concurrency-Related Denial of Service Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure … Continue reading SSD Advisory – Oracle Java and Apache Xerces PDF/Docx Server Side DoS

This is a Security Bloggers Network syndicated blog post authored by SSD / Maor Schwartz. Read the original post at: SecuriTeam Blogs