Almost Live writes "Oracle has released an out-of-cycle alert to offer mitigation for a zero-day exploit that's been posted on the Internet. The emergency workaround addresses an unpatched remote buffer overflow that's remotely exploitable without the need for a username and password, and can result in compromising the confidentiality, integrity, and availability of the targeted system." Whoever published the vulnerability and matching exploit code did not contact Oracle first.
http://developers.slashdot.org/slash...8/07/29/210200
Read more of this story at Slashdot.
http://rss.slashdot.org/~a/Slashdot/...opers?i=9XwzFM</img>
More...