[guardian-dev] another java exploit to break out of the sandbox

Hans-Christoph Steiner hans at guardianproject.info
Wed Sep 26 10:20:29 EDT 2012


Let's hope Oracle responds quicker than 4 months, like the last one like
this.

http://arstechnica.com/security/2012/09/yet-another-java-flaw-allows-complete-bypass-of-security-sandbox/

Anyone have a good sense of how this exploit affects Android?  It sounds
to me that it really just affects Java applets, were you are running
random code on the web on your machine in a tight sandbox.  Since there
are multiple other barriers in place in Android, it sounds like this
wouldn't be very useful to Android crackers.

.hc


More information about the Guardian-dev mailing list