java is vulnerable to sandbox restrictions bypass. The invoke method of the java.lang.reflect.Method
class in an AccessController doPrivileged block allows remote attackers to call setSecurityManager
to bypass the sandbox restrictions.
lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html
lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html
lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html
lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html
lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html
lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html
lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html
lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html
rhn.redhat.com/errata/RHSA-2016-0701.html
rhn.redhat.com/errata/RHSA-2016-0702.html
rhn.redhat.com/errata/RHSA-2016-0708.html
rhn.redhat.com/errata/RHSA-2016-0716.html
rhn.redhat.com/errata/RHSA-2016-1039.html
seclists.org/fulldisclosure/2016/Apr/20
seclists.org/fulldisclosure/2016/Apr/3
www-01.ibm.com/support/docview.wss?uid=swg1IX90172
www-01.ibm.com/support/docview.wss?uid=swg21980826
www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf
www.securityfocus.com/bid/85895
www.securitytracker.com/id/1035953
access.redhat.com/errata/RHSA-2016:1430
access.redhat.com/errata/RHSA-2017:1216
access.redhat.com/security/updates/classification/#critical
rhn.redhat.com/errata/RHSA-2016-0708.html
www.ibm.com/developerworks/java/jdk/alerts/