... Loading ...

SSD Secure Disclosure

Disclosing vulnerabilities responsibly since 2007

SSD Advisory – Oracle Java and Apache Xerces PDF/Docx Server Side DoS

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in Oracle Java JDK/JRE ( and previous versions) packages and Apache Xerces (2.11.0) The vulnerabilities are: Oracle JDK/JRE Concurrency-Related Denial of Service java.net.URLConnection (with no setConnectTimeout) Concurrency-Related Denial of Service Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure […]