Feeds

back to article Oracle patches decade-old 'Mark-of-the-Beast' bug in Java

Oracle has squashed a decade-old bug in its Java programming framework that allows attackers to bring down sensitive servers by feeding them numerical values with large numbers of decimal places. The vulnerability in the latest version of Java was disclosed last month and reported by The Reg on Monday. The bug, which stems from …

COMMENTS

This topic is closed for new posts.
Pirate

not the only one perhaps?

Has anyone thought to check C#?

After all these str to decimal type conversions near limits, are not just potentially an issue for one runtime.

As reg reported previously bug affected two languages, but both of those now fixed.

1
0

yup

no problem on .NET

at least not for this value. ;)

0
0
Black Helicopters

Android?

I wonder if the exact same identical bug exists in Android, I mean that would be pure coincidence of course...

4
0
Gold badge

Doubful

Why would it fail in Android?

The failure is in Java runtime classes which Android doesn't use, if it did use them then it would offer some sort of JDK compatibility.

0
0

@Doubtful

> Why would it fail in Android?

Red Arrows moment?

> which Android doesn't use

I guess we'll wait for the courts to decide.

0
0
This topic is closed for new posts.