Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Google App Engine Java Security Sandbox bypasses - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Google App Engine Java Security Sandbox bypasses

Adam Gowdiak from Polish vulnerability research company Security Explorations has issued an announcement concerning vulnerabilites in the Google App Engine.  Details are still somewhat thin, but it appears that multiple vulnerabilities have been discovered and that some of these vulnerabilities will allow a Java VM sandbox escape.

Further information is available at Full Disclosure archive at seclists.org.

-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

Rick

277 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!