Submitted by Marc Schoenefeld on Sun, 05/19/2007 - 02:06.
Date: 19/05/07
URL: http://www.illegalaccess.org/java/ICC_Vulns.php
When I read about the currently reported JPG and BMP parsing vulnerabilities in the JDK, I thought "holy cow, again they didn't fix it right", because these current issues are based on the same set of problems that were first discussed almost half a decade ago in:
Some funny remote implication within the serialisation API was discussed for the first time at Bellua 2005: