Adam Gowdiak from Polish vulnerability research company Security Explorations has issued an announcement concerning vulnerabilites in the Google App Engine. Details are still somewhat thin, but it appears that multiple vulnerabilities have been discovered and that some of these vulnerabilities will allow a Java VM sandbox escape.
Further information is available at Full Disclosure archive at seclists.org.
-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)
Dec 6th 2014
3 years ago